[oss-security] FreeBSD Security Advisory FreeBSD-SA-13:10.sctp
Dag-Erling Smørgrav
des at des.no
Thu Aug 22 11:43:28 UTC 2013
Huzaifa Sidhpurwala <huzaifas at redhat.com> writes:
> Dag-Erling Smørgrav <des at des.no> writes:
> > This also affects third-party software (Firefox, at the very least)
> > that incorporates FreeBSD's SCTP implementation.
> Are you sure about this?
Allow me to amend my statement: this *may* also affect third-party
software that incorporates our SCTP implementation, including Mozilla
Firefox and Google Chrome. I can neither confirm nor deny that they are
actually vulnerable; all I can say is that a) I have it on good
authority that they use the same code (JFGI!) and b) they were notified
in advance.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-security
mailing list