projects / archaic-openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Note gitdiff for things we won't supply a patch for
[archaic-openssl.git] / notification_20140605.txt
diff --git a/notification_20140605.txt b/notification_20140605.txt
index 9fddee3a0fe17aa0184e316d90f863197b53ba19..54c0f2371adc8c6a46845ac336474050d52c120d 100644 (file)
--- a/notification_20140605.txt
+++ b/notification_20140605.txt
@@ -23,6 +23,18 @@ it on to anyone and instead have them contact me directly.
 Regards, Mark
 OpenSSL project
 
+Note: CVE-2010-5298 is already public and fixed at
+
+http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d1f4b0
+
+Note: CVE-2014-0198 is already public and fixed at
+
+https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8671b89
+
+Note: For OpenSSL 0.9.8 only CVE-2014-0076 is already public and fixed at
+
+https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f9b6c0ba
+
 [reminder to me, just run git log -p (-5 or whatever) on
 remotes/origin/steve/1.0.1h-secfix branch and post that diff]
 
Unnamed repository; edit this file 'description' to name the repository.