oss-sec mailing list archives
qpidd SSL connection DoS (CVE-2010-3083)
From: Vincent Danen <vdanen () redhat com>
Date: Thu, 7 Oct 2010 19:51:33 -0600
Just a heads up for anyone that ships qpid. About a year and a half ago a blocking condition was found with SSL connections to qpidd, but I don't think upstream really thought about the security implications. It was fixed upstream in July 2009. The details are in our bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3083 --Vincent Danen / Red Hat Security Response Team
Current thread:
- qpidd SSL connection DoS (CVE-2010-3083) Vincent Danen (Oct 07)