Re: OpenSSL Security Advisory

2021-03-25 Thread Hubert Kario
On Thursday, 25 March 2021 15:03:24 CET, OpenSSL wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [25 March 2021] = NULL pointer deref in signature_algorithms processing (CVE-2021-3449)

Re: OpenSSL Security Advisory

2020-09-10 Thread Matt Caswell
On 10/09/2020 16:14, Jakob Bohm via openssl-users wrote: > On 2020-09-10 09:03, Tomas Mraz wrote: >> On Wed, 2020-09-09 at 22:26 +0200, Jakob Bohm via openssl-users wrote: >>> Wouldn't a more reasonable response for 1.0.2 users have been to >>> force on >>> SSL_OP_SINGLE_DH_USE rather than

Re: OpenSSL Security Advisory

2020-09-10 Thread Jakob Bohm via openssl-users
On 2020-09-10 09:03, Tomas Mraz wrote: On Wed, 2020-09-09 at 22:26 +0200, Jakob Bohm via openssl-users wrote: Wouldn't a more reasonable response for 1.0.2 users have been to force on SSL_OP_SINGLE_DH_USE rather than recklessly deprecating affected cipher suites and telling affected people to

Re: OpenSSL Security Advisory

2020-09-10 Thread Tomas Mraz
On Wed, 2020-09-09 at 22:26 +0200, Jakob Bohm via openssl-users wrote: > Wouldn't a more reasonable response for 1.0.2 users have been to > force on > SSL_OP_SINGLE_DH_USE rather than recklessly deprecating affected > cipher > suites > and telling affected people to recompile with the fix off?

Re: OpenSSL Security Advisory

2020-09-09 Thread Jakob Bohm via openssl-users
On 2020-09-09 14:39, OpenSSL wrote: OpenSSL Security Advisory [09 September 2020] = Raccoon Attack (CVE-2020-1968) == Severity: Low The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker

Re: OpenSSL Security Advisory

2020-04-21 Thread Sam Roberts
That makes sense, thank you all.

Re: OpenSSL Security Advisory

2020-04-21 Thread Matt Caswell
On 21/04/2020 20:46, Sam Roberts wrote: > The announcement claims that this affects SSL_check_chain(). > > Is that an exhaustive list? If an application does NOT call that > function, does this mean the vulnerability is not exploitable? As Ben says - this is correct. > > I ask because the

Re: OpenSSL Security Advisory

2020-04-21 Thread Benjamin Kaduk via openssl-users
On Tue, Apr 21, 2020 at 12:46:43PM -0700, Sam Roberts wrote: > The announcement claims that this affects SSL_check_chain(). > > Is that an exhaustive list? If an application does NOT call that > function, does this mean the vulnerability is not exploitable? That is correct (speaking only in

Re: OpenSSL Security Advisory

2020-04-21 Thread Sam Roberts
The announcement claims that this affects SSL_check_chain(). Is that an exhaustive list? If an application does NOT call that function, does this mean the vulnerability is not exploitable? I ask because the fixed function tls1_check_sig_alg is called by tls1_check_chain, and that is called

Re: OpenSSL Security Advisory

2019-07-30 Thread Jakob Bohm via openssl-users
Having reviewed the git commit for 1.1.1 I notice the following issue: The environment variables that usually point to the secure administrator directories (such as "Program Files") are not themselves secured, and not intended as a secure means of obtaining these directory locations, which are

RE: OpenSSL Security Advisory

2019-02-27 Thread Scott Neugroschl
Thanks. -Original Message- From: openssl-users On Behalf Of Matt Caswell Sent: Wednesday, February 27, 2019 11:18 AM To: openssl-users@openssl.org Subject: Re: OpenSSL Security Advisory On 27/02/2019 18:43, Scott Neugroschl wrote: > Is this a client-side or server-side vulnerabil

Re: OpenSSL Security Advisory

2019-02-27 Thread Matt Caswell
On 27/02/2019 18:43, Scott Neugroschl wrote: > Is this a client-side or server-side vulnerability? Or does it matter? It can apply to either side. Matt > > Thanks, > > ScottN > > --- > Scott Neugroschl | XYPRO Technology Corporation > 4100 Guardian Street | Suite 100 |Simi Valley, CA

RE: OpenSSL Security Advisory

2019-02-27 Thread Scott Neugroschl
Is this a client-side or server-side vulnerability? Or does it matter? Thanks, ScottN --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 | -Original Message- From: openssl-users On

Re: OpenSSL Security Advisory

2014-06-06 Thread Geoffrey Thorpe
The redhat podcast with Mark (Cox) probably answers this best; http://bit.ly/Th64oP On Thu, Jun 5, 2014 at 12:04 PM, Juha Saarinen j...@saarinen.org wrote: Hi Steve, That’s quite a few in one go - is this due to greater testing of OpenSSL and more scrutiny of the code by the community?

Re: OpenSSL Security Advisory

2014-06-06 Thread Jakob Bohm
On 6/5/2014 11:31 PM, Green, Gatewood wrote: Openssl-0.9.8za will not build in FIPS mode. The openssl-fips-1.2(.4) seems to be missing the symbol BN_consttime_swap. By the way, the BN_consttime_swap implementation in 1.0.1g (still downloading 1.0.1h) doesn't seem to completely match its

Re: OpenSSL Security Advisory

2014-06-06 Thread Jeff Wieland
In 0.9.8za, there is a missing compiler directive to include limits.h in ssl/s3_pkt.c. Without it, compiling fails on SPARC Solaris 10 with INT_MAX being undefined on line 536, which looks like: OPENSSL_assert(s->s3->wnum < INT_MAX); It appears that 1.0.0m has the same problem. I haven't

Re: OpenSSL Security Advisory

2014-06-05 Thread Jeff Wieland
In 0.9.8za at least, there is a missing directive to include limits.h. Without it, compilation fails on SPARC Solaris 10 with INT_MAX being undefined on line 536, which looks like: OPENSSL_assert(s->s3->wnum < INT_MAX); It appears that 1.0.0m has the same problem. I haven't looked at 1.0.1h as

Re: OpenSSL Security Advisory

2014-06-05 Thread Juha Saarinen
Hi Steve, That’s quite a few in one go - is this due to greater testing of OpenSSL and more scrutiny of the code by the community? Of the flaws listed, which is the one of most concern? This kind of begs the question what to do with all those embedded systems that run older versions of

RE: OpenSSL Security Advisory

2014-06-05 Thread Green, Gatewood
Openssl-0.9.8za will not build in FIPS mode. The openssl-fips-1.2(.4) seems to be missing the symbol BN_consttime_swap. Woody Gatewood C Green Jr (Woody) Principal Software Engineer, Product Security Champion SIEM Engineering McAfee. Part of Intel Security. Direct: 208.552.8269 Mobile:

Re: OpenSSL Security Advisory

2014-04-14 Thread Steven Kneizys
Ah, of course! I was so focused on not accessing that routine and not being able to just link in the obj files that the obvious solution of using the library properly escaped me! Thanks. After a Visual Studio 2012 build in directory: E:\usr_local\src\openssl-1.0.1f_32 I then was able put that

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-14 Thread Matthias Apitz
some nice pictures how the bug works: http://www.xkcd.com/1354/ HIH matthias -- Sent from my FreeBSD netbook Matthias Apitz, g...@unixarea.de, http://www.unixarea.de/ f: +49-170-4527211 UNIX since V7 on PDP-11, UNIX on mainframe since ESER 1055 (IBM /370) UNIX on x86 since SVR4.2

Re: OpenSSL Security Advisory

2014-04-14 Thread Tim Hudson
On 11/04/2014 12:58 AM, Viktor Dukhovni wrote: guru@hein:~/openssl-1.0.1f/apps (sleep 3 ; echo B ; sleep 3) | ./openssl s_client -connect www.openssl.org:443 If you are using s_client for testing then you should add the -msg option and see what is being sent. Responding to a correctly formed

the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Matthias Apitz
On Wednesday, April 09, 2014 at 01:05:22AM -0700, monloi perez wrote: True. Thanks for the quick reply. On Wednesday, April 9, 2014 3:33 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote: https://www.openssl.org/news/changelog.html 1.0.1 introduced the heartbeat support.

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Michael Tuexen
On 12 Apr 2014, at 17:43, Matthias Apitz g...@unixarea.de wrote: On Wednesday, April 09, 2014 at 01:05:22AM -0700, monloi perez wrote: True. Thanks for the quick reply. On Wednesday, April 9, 2014 3:33 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote:

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Matthias Apitz
On Saturday, April 12, 2014 at 09:08:15PM +0200, Michael Tuexen wrote: What is the exact bug, can someone show a svn/git diff of the first source version having the bug? http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=4817504d069b4c5082161b02a22116ad75f822b1 Hi, Thanks

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Michael Tuexen
On 12 Apr 2014, at 21:30, Matthias Apitz g...@unixarea.de wrote: On Saturday, April 12, 2014 at 09:08:15PM +0200, Michael Tuexen wrote: What is the exact bug, can someone show a svn/git diff of the first source version having the bug?

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Matthias Apitz
On Saturday, April 12, 2014 at 09:30:22PM +0200, Matthias Apitz wrote: On Saturday, April 12, 2014 at 09:08:15PM +0200, Michael Tuexen wrote: What is the exact bug, can someone show a svn/git diff of the first source version having the bug?

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Michael Smith
On Apr 12, 2014, at 3:08 PM, Michael Tuexen michael.tue...@lurchi.franken.de wrote: I have read the rumor. It is wrong. Introduced with intent vs. known to the NSA -- two different things, right? I don't have any direct knowledge of what goes on in the NSA, but if they don't have a

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Jan Danielsson
On 12/04/14 21:30, Matthias Apitz wrote: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=4817504d069b4c5082161b02a22116ad75f822b1 Thanks for the git diff (and the other statements). Could you please be so kind and point to the exact place of the offending statement (or missing

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Matthias Apitz
On Saturday, April 12, 2014 at 03:43:29PM -0400, Michael Smith wrote: On Apr 12, 2014, at 3:08 PM, Michael Tuexen michael.tue...@lurchi.franken.de wrote: I have read the rumor. It is wrong. Introduced with intent vs. known to the NSA -- two different things, right?

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Matthias Apitz
On Saturday, April 12, 2014 at 03:43:29PM -0400, Michael Smith wrote: On Apr 12, 2014, at 3:08 PM, Michael Tuexen michael.tue...@lurchi.franken.de wrote: I have read the rumor. It is wrong. Introduced with intent vs. known to the NSA -- two different things, right?

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Michael Tuexen
On 12 Apr 2014, at 21:43, Michael Smith m...@smithbowen.net wrote: On Apr 12, 2014, at 3:08 PM, Michael Tuexen michael.tue...@lurchi.franken.de wrote: I have read the rumor. It is wrong. Introduced with intent vs. known to the NSA -- two different things, right? My statement was

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Michael Smith
On Apr 12, 2014, at 5:40 PM, Michael Tuexen michael.tue...@lurchi.franken.de wrote: Introduced with intent vs. known to the NSA -- two different things, right? My statement was referring to the Introduced with intent. Understood. I'm personally quite sure it *wasn't* introduced with

Re: OpenSSL Security Advisory

2014-04-11 Thread Walter H.
On 10.04.2014 13:16, Rob Stradling wrote: On 09/04/14 20:43, Salz, Rich wrote: Can you please post a good and a bad server example. I have tested a lot of servers, including 'akamai.com', and they all show HEARTBEATING at the end: Look at Victor's recent post about how to patch

Re: OpenSSL Security Advisory

2014-04-11 Thread Steven Kneizys
The same issue when I tried to port over to Windows: the ssl3_write_bytes is not exposed in the library. There doesn't seem to be an easy workaround that I can see. Steve... On Fri, Apr 11, 2014 at 7:40 AM, Walter H. walte...@mathemainzel.info wrote: On 10.04.2014 13:16, Rob Stradling wrote:

RE: OpenSSL Security Advisory

2014-04-11 Thread JAaron Anderson
@openssl.org Subject: Re: OpenSSL Security Advisory On 10.04.2014 13:16, Rob Stradling wrote: On 09/04/14 20:43, Salz, Rich wrote: Can you please post a good and a bad server example. I have tested a lot of servers, including 'akamai.com', and they all show

Re: OpenSSL Security Advisory

2014-04-11 Thread Leonardo Secci
In Debian I solved it by linking the static library directly. gcc -ansi -pedantic -o heartbleed heartbleed.c -lcrypto \ /usr/lib/x86_64-linux-gnu/libssl.a Regards On Friday 11 April 2014 08:38:07, Steven Kneizys wrote: The same issue when I tried to port over to Windows, the

Re: OpenSSL Security Advisory

2014-04-11 Thread Rob Stradling
Thanks Leonardo! On 11/04/14 13:54, Leonardo Secci wrote: In Debian I solved it by linking the static library directly. gcc -ansi -pedantic -o heartbleed heartbleed.c -lcrypto \ /usr/lib/x86_64-linux-gnu/libssl.a Regards On Friday 11 April 2014 08:38:07, Steven Kneizys wrote: The

Re: OpenSSL Security Advisory

2014-04-11 Thread Tim Hudson
On 11/04/2014 10:38 PM, Steven Kneizys wrote: The same issue when I tried to port over to windows, the ssl3_write_bytes is not exposed in the library. There doesn't seem to be an easy workaround that I can see. The work around is trivial if you wanted to do that. Change to use the

Re: OpenSSL Security Advisory

2014-04-10 Thread Matthias Apitz
-Original Message- From: Matthias Apitz [mailto:g...@unixarea.de] Sent: Thursday, April 10, 2014 6:41 AM To: Apitz,Matthias Subject: Fwd: RE: OpenSSL Security Advisory - Forwarded message from Salz, Rich rs...@akamai.com - Date: Wed, 9 Apr 2014 15:43:28 -0400

Re: OpenSSL Security Advisory

2014-04-10 Thread Rob Stradling
On 09/04/14 20:43, Salz, Rich wrote: Can you please post a good and a bad server example. I have tested a lot of servers, including 'akamai.com', and they all show HEARTBEATING at the end: Look at Victor's recent post about how to patch openssl/s_client to make your own test. That's the

Re: OpenSSL Security Advisory

2014-04-10 Thread Viktor Dukhovni
On Thu, Apr 10, 2014 at 10:57:35AM +0200, Matthias Apitz wrote: I have instrumented an openssl 1.0.1f as posted by Victor: guru@hein:~/openssl-1.0.1f diff ssl/t1_lib.c.unpatched ssl/t1_lib.c 2671c2671 s2n(payload, p); --- s2n(0x4000, p); but I still see HEARTBEATING, for

Re: OpenSSL Security Advisory

2014-04-09 Thread Alan Buxey
https://www.openssl.org/news/changelog.html 1.0.1 introduced the heartbeat support. 1.0.0 and earlier are fortunate in that they didn't have it. But then they didn't have things to stop you from being BEASTed, so some you win, some you lose. ;) alan

Re: OpenSSL Security Advisory

2014-04-09 Thread monloi perez
True. Thanks for the quick reply. On Wednesday, April 9, 2014 3:33 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote: https://www.openssl.org/news/changelog.html 1.0.1 introduced the heartbeat support. 1.0.0 and earlier are fortunate in that they didn't have it. But then they didn't have things

Re: OpenSSL Security Advisory

2014-04-09 Thread Ted Byers
How do I determine whether or not the web servers I run are affected? They are Apache 2.4, built for 64 bit Windows and downloaded from Apachelounge. I have no idea what version of openssl it was built with. Does anyone here know if the feature that introduces the risk can be turned off, without

Re: OpenSSL Security Advisory

2014-04-09 Thread Ali Jawad
http://filippo.io/Heartbleed/#www.unlocator.com On Wed, Apr 9, 2014 at 2:05 PM, Ted Byers r.ted.by...@gmail.com wrote: How do I determine whether or not the web servers I run are affected? They are Apache 2.4, built for 64 bit Windows and downloaded from Apachelounge. I have no idea what

RE: OpenSSL Security Advisory

2014-04-09 Thread Eisenacher, Patrick
Hi Ted, -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl- How do I determine whether or not the web servers I run are affected? They are Apache 2.4, built for 64 bit Windows and downloaded from Apachelounge. I have no idea what version of openssl it

RE: OpenSSL Security Advisory

2014-04-09 Thread Salz, Rich
> How do I determine whether or not the web servers I run are affected? Here's a simple way: echo B | openssl s_client -connect $HOST:$PORT if you see heartbeating at the end, then $HOST is vulnerable. How can you tell if private keys have been taken? You can't, really. You can

Re: OpenSSL Security Advisory

2014-04-09 Thread Ted Byers
Thanks Rich, I have obtained the new, patched, release of Apache from Apache lounge, and applied the patch to one server, which the online services say fix the problem on it, but your simple way of checking still says heartbeating at the end. Does that mean that the patch didn't truly work? I

Re: OpenSSL Security Advisory

2014-04-09 Thread Ted Byers
Thanks Patrick. Apache lounge already has a patched release released. So, once I deploy that, and get my certificates reissued, I ought to be OK. Thanks Ted -- R.E.(Ted) Byers, Ph.D.,Ed.D. On Wed, Apr 9, 2014 at 8:37 AM, Eisenacher, Patrick patrick.eisenac...@bdr.de wrote: Hi Ted,

Re: OpenSSL Security Advisory

2014-04-09 Thread Viktor Dukhovni
On Wed, Apr 09, 2014 at 10:55:23AM -0400, Ted Byers wrote: I get the heartbeating message on both unpatched and patched servers. Should that make me worry about the patched machines? No, unfortunately both patched and unpatched systems respond the same way to valid heartbeat requests as send

RE: OpenSSL Security Advisory

2014-04-09 Thread Salz, Rich
> I get the heartbeating message on both unpatched and patched servers. Should that make me worry about the patched machines? Not necessarily. If they updated to the 'g' release, then they are doing buffer-overrun checking and you're safe. You can probably find out by connecting to your

Re: OpenSSL Security Advisory

2014-04-09 Thread Matthias Apitz
- Forwarded message from Salz, Rich rs...@akamai.com - Date: Wed, 9 Apr 2014 09:54:25 -0400 From: Salz, Rich rs...@akamai.com To: openssl-users@openssl.org openssl-users@openssl.org Subject: RE: OpenSSL Security Advisory Ø How do I determine whether or not the web servers I run

RE: OpenSSL Security Advisory

2014-04-09 Thread Salz, Rich
Can you please post a good and a bad server example. I have tested a lot of servers, including 'akamai.com', and they all show HEARTBEATING at the end: Look at Victor's recent post about how to patch openssl/s_client to make your own test. That's the simplest. My example tests only for

Re: OpenSSL security advisory

2012-03-12 Thread carlyoung
On Mon 12/03/12 4:02 PM , open...@master.openssl.org (OpenSSL) sent: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenSSL Security Advisory [12 Mar 2012] FTAO Dr Steve Henson, Not that it's important, but the FAQ in 0.9.8u archive says: * Which is the current version of OpenSSL? The

RE: OpenSSL Security Advisory

2012-01-19 Thread John A. Wallace
The windows binaries do not appear to have been upgraded yet. It is possible that some of them are affected, I should think. Thanks. -Original Message- From: owner-openssl-annou...@openssl.org [mailto:owner-openssl- annou...@openssl.org] On Behalf Of OpenSSL Sent: Wednesday, January

Re: OpenSSL Security Advisory

2012-01-19 Thread Thomas J. Hruska
On 1/19/2012 10:59 AM, John A. Wallace wrote: The windows binaries do not appear to have been upgraded yet. It is possible that some of them are affected, I should think. Thanks. They are up now. -Original Message- From: owner-openssl-annou...@openssl.org [mailto:owner-openssl-

Re: OpenSSL Security Advisory

2011-09-06 Thread The Doctor
On Tue, Sep 06, 2011 at 03:40:30PM +0200, OpenSSL wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenSSL Security Advisory [6 September 2011] Two security flaws have been fixed in OpenSSL 1.0.0e CRL verification vulnerability in OpenSSL =

RE: OpenSSL Security Advisory

2009-01-14 Thread Takurou Saitou
-Original Message- From: owner-openssl-us...@openssl.org ssl/s2_srvr.c ssl/s3_srvr.c : The error in those two file seems to mean that server verification of DSA signed clients certificates is also affected. DSA cannot be used with SSLv2 so it is not . Is it not also

Re: OpenSSL Security Advisory

2009-01-09 Thread Jean-Marc Desperrier
Dr. Stephen Henson wrote: On Wed, Jan 07, 2009, Victor Duchovni wrote: This is not very clear to me. Which signatures are poorly verified: 1. The server's signature on SSL/TLS protocol messages that must be signed under the server's private key (corresponding to the private

Re: OpenSSL Security Advisory

2009-01-09 Thread Dr. Stephen Henson
On Fri, Jan 09, 2009, Jean-Marc Desperrier wrote: Stephen, can you elaborate on that response because from the patch it seems that more than only client validation of the server signature in SSL sessions is affected. cms/cms_sd.c is affected, but the consequence is only a missing error

Re: OpenSSL Security Advisory

2009-01-08 Thread Kyle Hamilton
This vulnerability only comes into play during active TLS sessions. Certificate chain validation is not affected. S/MIME is not affected. Quoting Dr Henson (a later message, Message-ID 20090107184137.ga99...@openssl.org): Certificate chain validation is not affected nor other forms of DSA/ECDSA

Re: OpenSSL Security Advisory

2009-01-08 Thread Harakiri
--- On Wed, 1/7/09, Dr. Stephen Henson st...@openssl.org wrote: Incorrect checks for malformed signatures - --- It is not perfectly clear to me if regular certificate validiations and smime signature validiation is also affected by this. Could you

Re: OpenSSL Security Advisory

2009-01-07 Thread Victor Duchovni
On Wed, Jan 07, 2009 at 02:17:09PM +0100, Dr. Stephen Henson wrote: Several functions inside OpenSSL incorrectly checked the result after calling the EVP_VerifyFinal function, allowing a malformed signature to be treated as a good signature rather than as an error. This issue affected the

Re: OpenSSL Security Advisory

2009-01-07 Thread Dr. Stephen Henson
On Wed, Jan 07, 2009, Victor Duchovni wrote: This is not very clear to me. Which signatures are poorly verified: 1. The server's signature on SSL/TLS protocol messages that must be signed under the server's private key (corresponding to the private key in its certificate)?

Re: OpenSSL Security Advisory

2009-01-07 Thread Kyle Hamilton
Does the release of 0.9.8j also include the FIPS module support? (i.e., is this a bug-fix only release, or does this include what you have been working on for the past few months as well?) -Kyle H On Wed, Jan 7, 2009 at 4:10 AM, Dr. Stephen Henson st...@openssl.org wrote: -BEGIN PGP SIGNED

RE: OpenSSL Security Advisory

2009-01-07 Thread Giang Nguyen
Does the release of 0.9.8j also include the FIPS module support? do you mean anything other than this? http://www.mail-archive.com/openssl-users@openssl.org/msg55535.html This is the first full release of OpenSSL that can link against the validated FIPS module version 1.2

Re: OpenSSL Security Advisory

2009-01-07 Thread Kyle Hamilton
I got the notice of the release several hours after the security advisory. Not sure what happened, but I've since received it. Thank you, Dr Henson and everyone who works on OpenSSL! -Kyle H On Wed, Jan 7, 2009 at 5:23 PM, Giang Nguyen cau...@hotmail.com wrote: Does the release of 0.9.8j

Re: OpenSSL Security Advisory

2009-01-07 Thread Thomas J. Hruska
Kyle Hamilton wrote: I got the notice of the release several hours after the security advisory. Not sure what happened, but I've since received it. Thank you, Dr Henson and everyone who works on OpenSSL! -Kyle H On Wed, Jan 7, 2009 at 5:23 PM, Giang Nguyen cau...@hotmail.com wrote: Does the

Re: OpenSSL Security Advisory

2009-01-07 Thread Victor Duchovni
On Wed, Jan 07, 2009 at 07:46:59PM -0700, Thomas J. Hruska wrote: I forgot to ask earlier today, but does the security vulnerability affect 0.9.7m? Yes, but only in the unlikely case that you operate clients that establish authenticated sessions with servers that use DSA certificates. This

Re: OpenSSL Security Advisory

2009-01-07 Thread Brad House
Does the release of 0.9.8j also include the FIPS module support? (i.e., is this a bug-fix only release, or does this include what you have been working on for the past few months as well?) The actual 0.9.8j release announcement stated: This is the first full release of OpenSSL that can link

Re: OpenSSL Security Advisory: PRNG weakness in versions up to 0.9.6a

2001-07-15 Thread Kris Kennaway
Is it just me, or is this advisory not linked to on the main webpage? Kris PGP signature