Re: OpenSSL-0.9.6a has security fixes

From: Markus Friedl (Markus_Friedl@GENUA.DE)
Date: Thu Apr 26 2001 - 09:10:14 CEST

Next message: Linux Mandrake Security Team: "MDKSA-2001:041 - hylafax update"

Previous message: Ariel Waissbein: "Re: OpenSSL-0.9.6a has security fixes"
In reply to: Ariel Waissbein: "Re: OpenSSL-0.9.6a has security fixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Apr 25, 2001 at 03:33:13PM -0300, Ariel Waissbein wrote:
> There seems to be an typo in the following post. It is RSA and not DSA.

no, it's DSA not RSA, it's not a typo.

Bleichenbacher has discovered both attacks on RSA and on DSA:

http://www.lucent.com/press/0201/010205.bla.html

> The source, OpenSSL's webpage, has the same typo. Refer to

no.

> > - Security fix: prevent Bleichenbacher's DSA attack.
>
> it should be Bleichenbacher's RSA attack and not DSA

just look at the code.

cheers,
-markus

Next message: Linux Mandrake Security Team: "MDKSA-2001:041 - hylafax update"
Previous message: Ariel Waissbein: "Re: OpenSSL-0.9.6a has security fixes"
In reply to: Ariel Waissbein: "Re: OpenSSL-0.9.6a has security fixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 22:04:00 CEST