Hi,
Installation of openssl-1.0.0e fails if SCRIPTS environment variable is
defined (export SCRIPTS=/home/xxx/scripts for example).
making install in apps...
installing openssl
installing /home/xxx/scripts
In apps/Makefile, SCRIPTS is defined (SCRIPTS=CA.sh CA.pl tsget), but
it seems
Hi,
The problem is fixed with your patch. Thank you!
Regards,
Cédric Marie.
De : Andy Polyakov via RT r...@openssl.org
À : cedric.ma...@yahoo.fr
Cc : openssl-dev@openssl.org
Envoyé le : Jeudi 19 avril 2012 8h48
Objet : Re: [openssl.org #2793] bug report :
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL Security Advisory [19 Apr 2012]
===
ASN1 BIO vulnerability (CVE-2012-2110)
===
A potentially exploitable vulnerability has been discovered in the OpenSSL
function
A couple of questions on Thor's proposed patch:
1. There has been no discussion - does that imply a passive acceptance or
passive rejection?
2. I am using OpenSSL/FIPS on a system with /dev/urandom. Although the
rand_unix.c RAND_poll() function is called only once with the released
code, after
On Wed, Apr 18, 2012 at 08:04:28PM +0200, Andy Polyakov via RT wrote:
I've had 2 users report a crash in RC4() on x86_64. The
backtrace looks like:
#0 RC4 () at rc4-x86_64.s:343
#1 0x012d in ?? ()
#2 0x00df in ?? ()
#3 0x020b5660 in ?? ()
#4
On Thu, Apr 19, 2012 at 09:08:48PM +0200, Kurt Roeckx wrote:
On Wed, Apr 18, 2012 at 08:04:28PM +0200, Andy Polyakov via RT wrote:
I've had 2 users report a crash in RC4() on x86_64. The
backtrace looks like:
#0 RC4 () at rc4-x86_64.s:343
#1 0x012d in ?? ()
#2
The detailed analysis for CVE-2012-2110 implies issues with truncation,
specifically int vs long vs size_t. Is the problem limited to platforms where
these are different sizes? The analysis says not limited to I32LP64, but does
not rule out any platforms where it is not an issue. Can it
This looks simular to the AES problem with had, with a length of 0?
For reference. What was going on was the RC4_set_key was generating
compact key schedule on Intel legacy CPU, while rc4_md5_enc was treating
as non-compact with 32-bit elements. As results it was messed up in such
way that
On Thu, Apr 19, 2012, Erik Tkal wrote:
The detailed analysis for CVE-2012-2110 implies issues with truncation,
specifically int vs long vs size_t. Is the problem limited to platforms
where these are different sizes? The analysis says not limited to I32LP64,
but does not rule out any
I encounter compilation error when compiling for ARM platform wth OpenSSL
1.0.1a:
make -f ../Makefile.shared -e \
APPNAME=openssl OBJECTS=openssl.o verify.o asn1pars.o req.o dgst.o dh.o
dhparam.o enc.o passwd.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o
rsautl.o dsa.o dsaparam.o ec.o
With fixed in http://cvs.openssl.org/chngview?cn=22455. seems compile ok。
--
qun-ying
- Original Message -
From: zhu qun-ying quny...@yahoo.com
To: openssl-dev@openssl.org openssl-dev@openssl.org
Cc:
Sent: Thursday, April 19, 2012 2:57:05 PM
Subject: Re: [openssl.org #2792]
Dr. Stephen Henson wrote:
On Wed, Apr 18, 2012, Erik Tkal wrote:
Any takers? Should I be able to build a FIPS-capable OpenSSL and have some of
the implementation be provided via an ENGINE (e.g. let's say I have a hardware
module to perform AES) but some by the OpenSSL FIPS canister? Or is
We run a site that uses the F5 Networks BIG-IP load balancer, and OpenSSL 1.0.1
triggers this bug on the load balancer. When it occurs, the load balancer
neither forwards the request to a pool member, nor does it respond to the
OpenSSL client. There are warning messages in the load balancer's
On Fri, Apr 20, 2012, Roumen Petrov wrote:
Dr. Stephen Henson wrote:
On Wed, Apr 18, 2012, Erik Tkal wrote:
Any takers? Should I be able to build a FIPS-capable OpenSSL and have some
of the implementation be provided via an ENGINE (e.g. let's say I have a
hardware module to perform AES)
14 matches
Mail list logo
