Michael's point should be asked and answered first for your environment.
To find all of the OpenSSL bits used on a windows system you would use
Powershell or a tool that flexes its use like PDQ Inventory. There is a
steep learning curve and it is probably off topic for this group but there
are
That is good to hear as it touches many things. Thanks for letting me know.
Job
-Original Message-
From: Tomas Mraz
Sent: Monday, October 24, 2022 1:58 AM
To: Job Cacka ; openssl-users@openssl.org
Subject: Re: CVE-2022-37454 SHA-3 buffer overflow
The implementation of SHA-3
to retain the original
functionality. Alternatively, one can process the entire input (or produce
the entire output) at once, avoiding the queuing functions altogether.
From: Job Cacka
Sent: Friday, October 21, 2022 11:33 AM
To: 'openssl-users@openssl.org'
Subject: CVE-2022-37454 SHA-3 buffer
I was reading that SHA-3 has a buffer overflow in the C implementation that
is used by PHP and Python.
https://nvd.nist.gov/vuln/detail/CVE-2022-37454
https://mouha.be/sha-3-buffer-overflow/
How does OpenSSL implement SHA-3 in the following algorithms? Is SHA3 only
used in SHA3-224,