Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 26 Mar 2018 09:55:05 +0200
From: Yves-Alexis Perez <corsac@...ian.org>
To: oss-security@...ts.openwall.com, Hanno Böck
	 <hanno@...eck.de>
Subject: Re: Stack buffer overflow in WolfSSL before 3.13.0

On Sat, 2018-03-24 at 23:48 +0100, Hanno Böck wrote:
> https://blog.fuzzing-project.org/63-Stack-buffer-overflow-in-WolfSSL-before-3.13.0.html
> 
> During some tests of TLS libraries I found a stack buffer overflow
> vulnerability in the WolfSSL library. Finding this one was surprisingly
> simple: I had a wolfssl server that was compiled with address sanitizer
> and ran the SSL Labs test against it.

Hi,

was a CVE requested/assigned for this issue?

Regards,
-- 
Yves-Alexis
Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ