Date: Mon, 26 Mar 2018 09:55:05 +0200 From: Yves-Alexis Perez <corsac@...ian.org> To: oss-security@...ts.openwall.com, Hanno Böck <hanno@...eck.de> Subject: Re: Stack buffer overflow in WolfSSL before 3.13.0 On Sat, 2018-03-24 at 23:48 +0100, Hanno Böck wrote: > https://blog.fuzzing-project.org/63-Stack-buffer-overflow-in-WolfSSL-before-3.13.0.html > > During some tests of TLS libraries I found a stack buffer overflow > vulnerability in the WolfSSL library. Finding this one was surprisingly > simple: I had a wolfssl server that was compiled with address sanitizer > and ran the SSL Labs test against it. Hi, was a CVE requested/assigned for this issue? Regards, -- Yves-Alexis Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ