[oss-security] FreeBSD Security Advisory FreeBSD-SA-13:10.sctp

Dag-Erling Smørgrav des at des.no
Thu Aug 22 11:43:28 UTC 2013

Huzaifa Sidhpurwala <huzaifas at redhat.com> writes:
> Dag-Erling Smørgrav <des at des.no> writes:
> > This also affects third-party software (Firefox, at the very least)
> > that incorporates FreeBSD's SCTP implementation.
> Are you sure about this?

Allow me to amend my statement: this *may* also affect third-party
software that incorporates our SCTP implementation, including Mozilla
Firefox and Google Chrome.  I can neither confirm nor deny that they are
actually vulnerable; all I can say is that a) I have it on good
authority that they use the same code (JFGI!) and b) they were notified
in advance.

Dag-Erling Smørgrav - des at des.no

More information about the freebsd-security mailing list