Re: OpenSSL-0.9.6a has security fixes

From: Markus Friedl (Markus_Friedl@GENUA.DE)
Date: Thu Apr 26 2001 - 09:10:14 CEST

  • Next message: Linux Mandrake Security Team: "MDKSA-2001:041 - hylafax update"

    On Wed, Apr 25, 2001 at 03:33:13PM -0300, Ariel Waissbein wrote:
    > There seems to be an typo in the following post. It is RSA and not DSA.

    no, it's DSA not RSA, it's not a typo.

    Bleichenbacher has discovered both attacks on RSA and on DSA:

        http://www.lucent.com/press/0201/010205.bla.html

    > The source, OpenSSL's webpage, has the same typo. Refer to

    no.

    > > - Security fix: prevent Bleichenbacher's DSA attack.
    >
    > it should be Bleichenbacher's RSA attack and not DSA

    just look at the code.

    cheers,
    -markus



    This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 22:04:00 CEST