[169602] in North American Network Operators' Group
Re: [ PRIVACY Forum ] Critical crypto bug leaves Linux, hundreds
daemon@ATHENA.MIT.EDU (Jay Ashworth)
Wed Mar 5 16:04:21 2014
Date: Wed, 5 Mar 2014 16:03:38 -0500 (EST)
From: Jay Ashworth <jra@baylink.com>
To: NANOG <nanog@nanog.org>
In-Reply-To: <0141083C-7F9C-4C8D-8B07-C4F53F1B8C4E@ufp.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
----- Original Message -----
> From: "Leo Bicknell" <bicknell@ufp.org>
> On Mar 4, 2014, at 9:07 PM, Jay Ashworth <jra@baylink.com> wrote:
>
> > Is this the *same* bug that just broke in Apple code last week?
>
> No, the Apple bug was the existence of an /extra/ "goto fail;".
>
> The GnuTLS bug was that it was /missing/ a "goto fail;".
>
> I'm figuring the same developer worked on both, and just put the line
> in the wrong repository. :)
Those who speculate that these bugs happened at the behest of the NSA
would probably agree with you.
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra@baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII
St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
