On Thu, Jun 12, 2014 at 11:15:18PM +0100, Matt Caswell wrote:
On 12/06/14 22:43, Otto Moerbeek wrote:
On Thu, Jun 12, 2014 at 10:26:56PM +0200, Matt Caswell via RT wrote:
Patch applied:
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=abfb989fe0b749ad61f1aa4cdb0ea4f952fc13e0
You should be using the FIPS Object Module 1.2.x and its associated
User Guide.
From: Swenson, Ken_S. (IS) [mailto:ken.swen...@ngc.com]
Sent: Thursday, June 12, 2014 2:14 PM
Thanks for replying. I am using the instructions from section
4.3.1 of UserGuide-2.0.pdf that I found at
Hello,
these 15 null dereference and memory leak reports, included with comments
below, were found by running
Facebook¹s Infer static analyzer on openssl-1.0.1h.
regards,
Peter O¹Hearn
Facebook Static Analysis Tools Team
1.
File: apps/apps.c
REPORT: Null
Title : SSL_get_error returns SSL_ERROR_SYSCALL but errno is set to 0.
How to reproduce? Set up a DTLSconnection. Then send fake DTLS (application
data) as the server at high rate (400pps). Mix of fake packets make the
problem reproduce more easily.
Issue: The ssl_read reports SSL_ERROR_SYSCALL
On Thu, Jun 12, 2014 at 07:11:24PM +0200, Stephen Henson via RT wrote:
On Thu Jun 12 18:16:55 2014, meiss...@suse.de wrote:
Hi,
The Net-SSLeay perl module failed its testsuite after 1.0.1g - 1.0.1h
update.
The code looks like this:
... create more X509 certificate stuff ...
On Thu, Jun 12, 2014 at 07:11:24PM +0200, Stephen Henson via RT wrote:
On Thu Jun 12 18:16:55 2014, meiss...@suse.de wrote:
Hi,
The Net-SSLeay perl module failed its testsuite after 1.0.1g - 1.0.1h
update.
The code looks like this:
... create more X509 certificate stuff ...
- Original Message -
From: Richard Moore richmoor...@gmail.com
To: openssl-dev@openssl.org
Sent: Thursday, June 12, 2014 11:13:09 PM
Subject: Re: Minor fixes to openssl ocsp
On 12 June 2014 17:34, Hubert Kario hka...@redhat.com wrote:
- Original Message -
I put a
On 13 June 2014 11:12, Hubert Kario hka...@redhat.com wrote:
--
*From: *Richard Moore richmoor...@gmail.com
*To: *openssl-dev@openssl.org
*Sent: *Thursday, June 12, 2014 11:13:09 PM
*Subject: *Re: Minor fixes to openssl ocsp
On 12 June 2014 17:34, Hubert Kario
Hey, that's very neat.
The REPORT part looks automated; are the REMARKS your commentary or does the
tool do that too?
/r$
--
Principal Security Engineer
Akamai Technologies, Cambridge, MA
IM: rs...@jabber.me; Twitter: RichSalz
TIcket resolved.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
__
OpenSSL Project http://www.openssl.org
Another update here is ..
We also tried upgrading it to 0.9.8y, but still we had the same issues.
Can someone please provide a solution for this ?
Thanks Regards
Karthikeyan Thirumal
From: Thirumal, Karthikeyan
Sent: Thursday, June 12, 2014 10:52 PM
To:
On Fri, Jun 13, 2014 at 10:12 AM, Thirumal, Karthikeyan
kthiru...@inautix.co.in wrote:
Another update here is ..
We also tried upgrading it to 0.9.8y, but still we had the same issues.
Can someone please provide a solution for this ?
openssl-users mailing list instead of openssl-dev
On 11/06/14 08:23, Matt Caswell wrote:
On 11 June 2014 06:47, Otto Moerbeek o...@drijf.net wrote:
On Tue, Jun 10, 2014 at 11:35:06PM +0100, Matt Caswell wrote:
I can't see a way that this could be exploited. It is a bug though.
I've just pushed a fix:
The following error occurs using the 20140613 snapshot on the 1.0.2
trunk. The host is a 64-bit CentOS system. This problem does
not occur on 32-bit CentOS.
gcc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H
-Wa
On Thu, Jun 12, 2014 at 08:05:52PM +0200, dcrue...@qualitesys.com wrote:
Thanks Kurt
I found ssl/t1_lib.c
but not ssl/d1_both.c, ssl/s3_enc.c, ssl/sll_ciph.c, ssl/ssl_sess.c
in pull request #131
So can you make patches for those issues and then open a bug in RT
about it?
Kurt
15 matches
Mail list logo