[ PRIVACY Forum ] Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

Leo Bicknell bicknell at ufp.org
Wed Mar 5 20:21:56 UTC 2014

On Mar 4, 2014, at 9:07 PM, Jay Ashworth <jra at baylink.com> wrote:

> Is this the *same* bug that just broke in Apple code last week?

No, the Apple bug was the existence of an /extra/ "goto fail;".

The GnuTLS bug was that it was /missing/ a "goto fail;".

I'm figuring the same developer worked on both, and just put the line in the wrong repository. :)

And yes, while this is a joke, Apple fixed their bug by removing a "goto fail;", and GnuTLS fixed theirs by adding a "goto fail;".  I can't make up something that funny.


       Leo Bicknell - bicknell at ufp.org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 793 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20140305/83849c2a/attachment.sig>

More information about the NANOG mailing list