In message <xof1y9k9p3c.fsf@blubb.pdc.kth.se>, Johan Danielsson writes:
>"Jeremy C. Reed" <reed@reedmedia.net> writes:
>
>> I am more interested in the libasn1 issues. I wonder if
>> src/crypto/dist/heimdal/lib/asn1/ should be updated.
>
>It does not share any code.
>
Given the number of different ASN.1 parsers that have had security 
bugs in the past, it may pay to audit in anyway.

		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com ("Firewalls" book)