oss-sec mailing list archives
Re: OpenSSL ASN1 BIO vulnerability (CVE-2012-2110)
From: Tavis Ormandy <taviso () cmpxchg8b com>
Date: Tue, 24 Apr 2012 16:31:51 +0200
On Tue, Apr 24, 2012 at 09:47:24AM +0200, Tomas Hoger wrote:
On Sun, 22 Apr 2012 19:44:56 +0400 Solar Designer wrote:Turns out that file was mangled in transit. Tavis has posted the correct one on this URL: http://lock.cmpxchg8b.com/openssl-1.0.1-testcase-32bit.crt.gz SHA-256: ac7acb168a6bfd65375eeec072acbf904f0f10e3bc5588c020aed4df4712d066If you test your 0.9.x updates with this reproducer from Tavis, you should still expect to see crashes, which are now corrected upstream in 0.9.8w: http://marc.info/?l=openssl-dev&m=133525318514423&w=2 This incomplete fix got CVE-2012-2131.
Oops, indeed I didn't test with the 0.9.x build. I had tried (and failed) to mail it to openssl-security, but their MTA rejected it, so just skipped it as the 1.0.0 patch seemed correct. At the risk of being flamed for my progressive views on email size, please turn up the limits for security aliases! :-) Tavis. -- ------------------------------------- taviso () cmpxchg8b com | pgp encrypted mail preferred -------------------------------------------------------
Current thread:
- OpenSSL ASN1 BIO vulnerability (CVE-2012-2110) Solar Designer (Apr 20)
- Re: OpenSSL ASN1 BIO vulnerability (CVE-2012-2110) Solar Designer (Apr 22)
- Re: OpenSSL ASN1 BIO vulnerability (CVE-2012-2110) Solar Designer (Apr 22)
- Re: OpenSSL ASN1 BIO vulnerability (CVE-2012-2110) Tomas Hoger (Apr 24)
- Re: OpenSSL ASN1 BIO vulnerability (CVE-2012-2110) Tavis Ormandy (Apr 24)
- Re: OpenSSL ASN1 BIO vulnerability (CVE-2012-2110) Solar Designer (Apr 24)
- Re: OpenSSL ASN1 BIO vulnerability (CVE-2012-2110) Solar Designer (Apr 22)
- Re: OpenSSL ASN1 BIO vulnerability (CVE-2012-2110) Tavis Ormandy (Apr 24)
- Re: OpenSSL ASN1 BIO vulnerability (CVE-2012-2110) Solar Designer (Apr 22)