oss-sec mailing list archives
CVE Request: openssl double free
From: Ludwig Nussel <ludwig.nussel () suse de>
Date: Wed, 11 Aug 2010 17:02:53 +0200
Hi, Georgi Guninski found a double free issue in openssl's client implementation: http://www.mail-archive.com/openssl-dev () openssl org/msg28043.html The affected code also is in pre 1.0 versions but only 1.0 uses ECDH for ssl by default AFAICT. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
Current thread:
- CVE Request: openssl double free Ludwig Nussel (Aug 11)
- Re: CVE Request: openssl double free Solar Designer (Aug 11)
- Re: CVE Request: openssl double free Josh Bressers (Aug 12)