Pop-Up Thingie
Sidebar
>>> Magnum BBS <<<
Home
Forum
Files
Dark
Log in
Username
Password
Sidebar
Forum
Usenet
COMP.UNIX.BSD.OPENBSD.ANN
libcrypto errata
From
Ted Unangst
@21:1/5 to
All
on Tue May 3 16:50:02 2016
OpenSSL announced several issues today that also affect LibreSSL.
- Memory corruption in the ASN.1 encoder (CVE-2016-2108)
- Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
- EVP_EncodeUpdate overflow (CVE-2016-2105)
- EVP_EncryptUpdate overflow (CVE-2016-2106)
- ASN.1 BIO excessive memory allocation (CVE-2016-2109)
Thanks to OpenSSL for providing information and patches.
Refer to
https://www.openssl.org/news/secadv/20160503.txt
Patches for OpenBSD are available:
http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/005_crypto.patch.sig
http://ftp.openbsd.org/pub/OpenBSD/patches/5.8/common/013_crypto.patch.sig
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)
Who's Online
Recent Visitors
Yokzimo
Tue Jun 9 17:10:05 2026
from
Sw
via
Telnet
Regen
Tue Jun 9 16:45:02 2026
from
Brooklyn, Ny
via
Telnet
Bob Worm
Tue Jun 9 14:47:58 2026
from
Wales, Uk
via
Telnet
Krenn
Tue Jun 9 11:18:15 2026
from
Sydney, Nsw
via
Telnet
Bob Worm
Tue Jun 9 10:31:07 2026
from
Wales, Uk
via
Telnet
Centurion
Mon Jun 8 23:30:43 2026
from
Berea, Ohio
via
Telnet
Centurion
Mon Jun 8 21:33:11 2026
from
Berea, Ohio
via
Telnet
Bob Worm
Mon Jun 8 20:15:00 2026
from
Wales, Uk
via
Telnet
System Info
Sysop:
Keyop
Location:
Huddersfield, West Yorkshire, UK
Users:
716
Nodes:
16 (
2
/
14
)
Uptime:
50:52:30
Calls:
12,115
Calls today:
6
Files:
15,010
Messages:
6,518,557
Posted today:
1