openssl buffer overflow.

Simon 'corecode' Schubert corecode at fs.ei.tum.de
Thu Oct 4 11:54:46 PDT 2007


Matthew Dillon wrote:
>     There's an advisory on a security hole in openssl on the FreeBSD lists.
>     could someone apply the patch to HEAD and REL or (if fixed in later
>     versions of openssl) upgrade openssl?

We have 0.9.8e in the tree.  As far as I can tell, this should not be
affected -- at least from looking at the CVE summaries.  They all only
talk about <= 0.9.8d.  Unfortunately openssl.org doesn't really publish
security issues (in a prominent place).

cheers
  simon






More information about the Bugs mailing list