Guido Günther writes:
> It has a link:
>
> "I created a patch against openssl that allows to test this." ->
> https://github.com/hannob/bignum-fuzz/blob/master/openssl-break-rsa-values.diff
>
> This allows to crash the matrix ssl server.
Ok, thanks. That looks like you can test it if you can set
On Thu, September 1, 2016 21:06, Chris Lamb wrote:
> Hi Thijs,
>
>> > the Debian LTS team would like to fix the security issues which are
>> > currently open in the Wheezy version of mailman:
>> > https://security-tracker.debian.org/tracker/CVE-2016-6893
>>
>> I'll look into it and will let you kno
Hi,
I've had a quick look at CVE-2016-7116[0] and would be interested by working on
it. Upstream provided a patch[1], which looks 'relatively' simple and seems to
apply well with some adaptations. However, the names of the concerned files have
changed[2] (e.g. virtio-9p.c -> 9p.c). I think this is
Thijs Kinkhorst wrote:
> >
> > https://gist.githubusercontent.com/lamby/42b6636c257c730903a874e1edeee1f9/raw
> >
> > Let me know if I should go ahead and upload it.
>
> Yes, looks good. Please go ahead. Thanks for your work!
No problem; uploaded. :)
Regards,
--
,''`.
: :' :
