This doesn't seem all that important. There are numerous bugs around most softwa... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

_qxtl on May 6, 2014 | parent | context | favorite | on: OpenSSL CVE-2010-5298 / CVE-2014-0198

This doesn't seem all that important. There are numerous bugs around most software out there which can cause it to crash. It's not good, but it's also not the worst one out there.

If it was that bad, it would have been fixed earlier. It was reported first in 2010: https://rt.openssl.org/Ticket/Display.html?id=2167&user=gues...

It was also fixed a few weeks ago.

Edit: Just noticed that the openssl bug tracker passes the username and password in the URL. Oh dear...

jacquesm on May 6, 2014 | [–]

At least no google results for anything other than guest show up.

ASneakyFox on May 9, 2014 | [–]

For a security project I find their lack of security shocking.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact