OpenSSL 1.0.2: CVE-2018-5407 PortSmash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: openssl-users@xxxxxxxxxxx
Subject: OpenSSL 1.0.2: CVE-2018-5407 PortSmash
From: Misaki Miyashita <misaki.miyashita@xxxxxxxxxx>
Date: Wed, 7 Nov 2018 11:23:22 -0600
Organization: Oracle Corporation
Reply-to: misaki.miyashita@xxxxxxxxxx, openssl-users@xxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1

Hi,

According to the following website:
    https://www.openwall.com/lists/oss-security/2018/11/01/4

OpenSSL <= 1.1.0h is affected.
Does that mean the problem also exist in the OpenSSL 1.0.2 release?

Thank you,

-- misaki
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Follow-Ups:
- Re: OpenSSL 1.0.2: CVE-2018-5407 PortSmash
  - From: Billy Brumley

Prev by Date: Re: OpenSSL vs GPG for encrypting files? Security best practices?
Next by Date: Re: Add OpenSSL-support to a project
Previous by thread: In-place encryption/decryption via the EVP_* APIs
Next by thread: Re: OpenSSL 1.0.2: CVE-2018-5407 PortSmash
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Security] [Bugtraq] [Linux] [Linux OMAP] [Linux MIPS] [ECOS] [Asterisk Internet PBX] [Linux API]

Powered by Linux