[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gnutls-dev] About RSA BSAFE libraries denial of service vulnerabili
From: |
Simon Josefsson |
Subject: |
Re: [gnutls-dev] About RSA BSAFE libraries denial of service vulnerability |
Date: |
Tue, 29 May 2007 12:48:47 +0200 |
User-agent: |
Gnus/5.110007 (No Gnus v0.7) Emacs/22.0.95 (gnu/linux) |
Jeff Cai <address@hidden> writes:
> Hi,
> Maybe this is a very simple question. But because it concern security,
> it becomes so important.
> Recently, someone found a security vulnerability of RSA BSAFE libraries
> http://www.kb.cert.org/vuls/id/754281/ I don't know whether GNUTls uses
> RSA algorithm or has similar problem.
GnuTLS doesn't use RSA BSAFE Crypto-C or Cert-C, so if it is a problem
with those particular implementations, we are not affected.
There isn't sufficient technical information in the link you provide
that I can use to tell if GnuTLS is affected by a similar bug though.
/Simon