openssl buffer overflow.
Simon 'corecode' Schubert
corecode at fs.ei.tum.de
Thu Oct 4 11:54:46 PDT 2007
Matthew Dillon wrote:
> There's an advisory on a security hole in openssl on the FreeBSD lists.
> could someone apply the patch to HEAD and REL or (if fixed in later
> versions of openssl) upgrade openssl?
We have 0.9.8e in the tree. As far as I can tell, this should not be
affected -- at least from looking at the CVE summaries. They all only
talk about <= 0.9.8d. Unfortunately openssl.org doesn't really publish
security issues (in a prominent place).
More information about the Bugs