CVE-2016-2180

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am using openssl-1.0.0e in my product. Here i want to know that OpenSSL is
CVE-2016-2180 vulnerable or not.

https://github.com/openssl/openssl/commit/0ed26acce328ec16a3aa635f1ca37365e8c7403a?diff=unified
In this page showing some information about CVE-2016-2180 vulnerability.

Actually i read some information from the internet that, to reproduce this
vulnerability need to "*create specially crafted time stamp file and used
with the "openssl ts"*" command. How to create "specially crafted time stamp
file". 

In the CVE-2016-2180 vulnerability talk about TS_OBJ_print_bio function
creating the crash. This function is present in the openssl i have.

Is there any patch available for this vulnerability.




--
View this message in context: http://openssl.6102.n7.nabble.com/CVE-2016-2180-tp68032.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux