![]() |
|
Date: Mon, 14 Apr 2014 11:27:21 -0400 (EDT) From: cve-assign@...re.org To: sbauer@....utah.edu Cc: cve-assign@...re.org, oss-security@...ts.openwall.com Subject: Re: Use-after-free race condition,in OpenSSL's read buffer -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > http://www.openbsd.org/errata55.html#004_openssl > http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig > http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191&view=markup > http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse > https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest > https://rt.openssl.org/Ticket/Display.html?id=3265&user=guest&pass=guest > > (not yet available at > http://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=ssl/s3_pkt.c;hb=701134320a94908d8c0ac513741cab41e215a7b5 > line 1337) Use CVE-2010-5298. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJTS/3RAAoJEKllVAevmvmsSDcH/0yHd90E4aJfKbtlsIBfOi8p +XIdUtbWsYhFu97QjjubRkRO4KnRRmZJrygLcFN1XGJW80px8JZBqT1OW/vHSAwh rHaBLqEjl8z5MU41rlqSwnzjA17kG3pPvltOu8kYqiBEKn32YSMwU4ZCIYpa6+Sb LCiOM8iu5DX3VZrIjk4U/iStgOlxNs4i8Jv2xHy3oPSTspaO46LeeygTz6k9hlGr qk1Aek9gxr+FNk7MJ1kHsct3IUFq67TIBSgc3H7k/ucwOxh1VxfxVxsHgrgj0+N5 4/8b3ZoLsNN1UY91KW/qcRJfCsC9XEI7NqDF/uTJKJX74DRBqMeOYG4YtAXECLs= =mxUa -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.