From owner-freebsd-security@FreeBSD.ORG Wed Mar 17 18:20:26 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7BA4A16A4CE for ; Wed, 17 Mar 2004 18:20:26 -0800 (PST) Received: from web14804.mail.yahoo.com (web14804.mail.yahoo.com [216.136.224.220]) by mx1.FreeBSD.org (Postfix) with SMTP id 5A96A43D39 for ; Wed, 17 Mar 2004 18:20:26 -0800 (PST) (envelope-from rosti_bsd@yahoo.com) Message-ID: <20040318022009.52877.qmail@web14804.mail.yahoo.com> Received: from [192.117.108.59] by web14804.mail.yahoo.com via HTTP; Wed, 17 Mar 2004 18:20:09 PST Date: Wed, 17 Mar 2004 18:20:09 -0800 (PST) From: Rostislav Krasny To: Dag-Erling "Smørgrav" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii cc: freebsd-security@freebsd.org Subject: Re: FreeBSD-SA-04:05.openssl question X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Mar 2004 02:20:26 -0000 --- Dag-Erling Smørgrav wrote: > Rostislav Krasny writes: > > Isn't FreeBSD vulnerable to the second "Out-of-bounds read affects > > Kerberos ciphersuites" security problem? > > From the URL you mentioned: "Most applications have no ability to use > Kerberos ciphersuites and will therefore be unaffected." Do you imply that applications with ability to use Kerberos ciphersuites are impossible to be implemented for current versions of FreeBSD? __________________________________ Do you Yahoo!? Yahoo! Mail - More reliable, more storage, less spam http://mail.yahoo.com