CVE-2014-0198 is listed in the VULNERABILITIES page as fixed in 1.0.1h and 1.0.0m , but is not listed on the Release Notes for either of these releases.
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Geoffrey Thorpe Sent: Monday, June 23, 2014 11:59 AM To: jb-open...@wisemo.com Cc: openssl-users@openssl.org Subject: Re: Advisory on CVE 2014-0195 not listed on main vulnerabilities page Hi Jakob, Thanks - I think this has now been corrected, the website should sync within an hour or so. Please let me know if you see anything amiss. Cheers, Geoff On Mon, Jun 23, 2014 at 8:15 AM, Jakob Bohm <jb-open...@wisemo.com<mailto:jb-open...@wisemo.com>> wrote: Dear OpenSSL web page subteam, CVE 2014-0195 is listed in https://www.openssl.org/news/secadv_20140605.txt as fixed by the latest round of security fixes, however it is missing from the primary cross reference at https://www.openssl.org/news/vulnerabilities.html You may wish to update the page to reflect this part of the advisory. This was also mentioned by Mr. Nageswar in an unanswered message 14 days ago. Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10<tel:%2B45%2031%2013%2016%2010> This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org<mailto:openssl-users@openssl.org> Automated List Manager majord...@openssl.org<mailto:majord...@openssl.org>
