Quoting Daniel Pocock (2015-11-09 15:35:30)
> The patch could be adapted so it only tries the alternative (fopen) in
> situations where open fails.
>
> Do you think this would reduce risk?
No: The risk I see is the one of changing behaviour of an already known
to be weakly designed part of a sha
On 9 November 2015 14:16:56 GMT+00:00, Jonas Smedegaard wrote:
>Quoting Daniel Pocock (2015-11-09 14:32:51)
>> As described in #770659, Chromium is having problems with the
>standard
>> version of libsrtp0 on jessie.
>
>The problem it has is that it a) rely on libSRTP to provide randomness,
>
>an
Quoting Daniel Pocock (2015-11-09 14:32:51)
> As described in #770659, Chromium is having problems with the standard
> version of libsrtp0 on jessie.
The problem it has is that it a) rely on libSRTP to provide randomness,
and b) block the underlying calls done internally in libSRTP to get
rando
Package: libsrtp0
Version: 1.4.5~20130609~dfsg-1.1
Severity: important
Tags: security
As described in #770659, Chromium is having problems with the standard
version of libsrtp0 on jessie.
Chromium upstream uses a bundled and patched version of libsrtp0.
Chromium packages uploaded to jessie as se
4 matches
Mail list logo
