On Mon Sep 26 14:34:17 2016, rs...@akamai.com wrote:
> We have a fix waiting for internal review; see GitHub issue 1546.
That's not related to this issue.
Cheers,
Richard
--
Richard Levitte
levi...@openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4686
Please log in as
I'm trying to understand the severity of this issue.
The demo exploit described here http://eprint.iacr.org/2016/594 relies
on the fact the target program
and the attacker share the same memory image of the OpenSSL shared library.
If my program is statically linked to OpenSSL will that make it
The call to FIPS_crypto_set_id_callback() was added in revision
a43cfd7bb1fc681d563e,
but there is no prototype for it in .
---
Moved the function prototype upwards, because declarations can only be placed
at the top of a function in C.
crypto/o_init.c | 5 +
1 file changed, 5
That has already been fixed in the 1.0.2 branch, and is part of 1.0.2j, which
was released today.
Cheers,
Richard
On Mon Sep 26 14:32:31 2016, jan-markus.pumpa...@bittium.com wrote:
>
>
> Hi,
>
> When building the OpenSSL 1.0.2i with -DHAVE_CRYPTODEV flag the build
> will fail in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.1.0b released
===
OpenSSL - The Open Source toolkit for SSL/TLS
https://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.1.0b of our open
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.0.2j released
===
OpenSSL - The Open Source toolkit for SSL/TLS
https://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.0.2j of our open
users should upgrade to 1.0.2j
The issue was reported to OpenSSL on 22nd September 2016 by Bruce Stephens and
Thomas Jakobi. The fix was developed by Matt Caswell of the OpenSSL development
team.
References
==
URL for this Security Advisory:
https://www.openssl.org/news/secadv/20160926.txt
On Mon, 2016-09-26 at 10:35 +, OpenSSL wrote:
> Content-Type: text/plain; charset="iso-8859-1"
> This issue was reported to OpenSSL on 23rd September 2016 by Robert Święcki
Found by whom? Welcome to the 21st century... :)
--
dwmw2
smime.p7s
Description: S/MIME cryptographic signature
The call to FIPS_crypto_set_id_callback() was added in revision
a43cfd7bb1fc681d563e,
but there is no prototype for it in .
---
This leads to warnings on some platforms (e.g. x86_64-ncp-linux-gnu-gcc):
o_init.c:77:5: warning: implicit declaration of function
'FIPS_crypto_set_id_callback'
Hi,
When building the OpenSSL 1.0.2i with -DHAVE_CRYPTODEV flag the build will fail
in crypto/engine/eng_cryptodev.c. I am using 64-bit Ubuntu 14.04 in my build
machine with gcc toolchain.
For me it looks like there has been a typo in the OPENSSL_malloc return value
check. Attached patch
We have a fix waiting for internal review; see GitHub issue 1546.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4686
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
11 matches
Mail list logo
