[tahoe-lafs-trac-stream] [tahoe-lafs] #1722: respond to OpenSSL ASN.1 parsing bug
tahoe-lafs
trac at tahoe-lafs.org
Thu Apr 19 19:41:30 UTC 2012
#1722: respond to OpenSSL ASN.1 parsing bug
----------------------------+----------------------------------------
Reporter: davidsarah | Owner:
Type: defect | Status: new
Priority: critical | Milestone: undecided
Component: packaging | Version: 1.9.1
Resolution: | Keywords: openssl security packaging
Launchpad Bug: |
----------------------------+----------------------------------------
Description changed by davidsarah:
Old description:
> http://lists.grok.org.uk/pipermail/full-disclosure/2012-April/086585.html
>
> * what is the impact on Tahoe, if any?
> * if needed write advisory, put on website and post to tahoe-dev
> * understand how pyOpenSSL links to OpenSSL, and whether we should change
> pyOpenSSL and bump Tahoe's dependency on it.
New description:
http://lists.grok.org.uk/pipermail/full-disclosure/2012-April/086585.html
* review source of pyOpenSSL to see what calls it makes to OpenSSL, check
[http://www.openssl.org/news/secadv_20120419.txt assertion that SSL/TLS is
not affected].
* what is the impact on Tahoe, if any?
* if needed write advisory, put on website and post to tahoe-dev
* understand how pyOpenSSL links to OpenSSL, and whether we should change
pyOpenSSL and bump Tahoe's dependency on it.
--
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1722#comment:2>
tahoe-lafs <https://tahoe-lafs.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list