Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Thread Tools Display Modes
  #1   (View Single Post)  
Old 20th April 2012
J65nko J65nko is offline
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,507
Default New version of OpenSSL closes security holes in ASN1 parser

From http://h-online.com/-1543932

Tavis Ormandy from the Google Security Team has notified the OpenSSL developers of a security hole in the current version of their open source library. The errors occur when parsing ASN1 data via the asn1_d2i_read_bio() function. According to the official OpenSSL advisory and Ormandy's message, the issue affects applications that process external X.509 certificates or public RSA keys.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security Joomla! 2.5.4 closes more security holes J65nko News 0 5th April 2012 01:49 AM
Security Chrome 16 update closes security holes J65nko News 1 24th January 2012 11:12 PM
Dusseldorf airport closes security holes J65nko News 1 20th January 2012 10:35 AM
PHP 5.3.7 update closes security holes J65nko News 2 22nd August 2011 02:17 PM
PHP 5.3.6 closes five security holes J65nko News 2 17th March 2011 07:49 PM

All times are GMT. The time now is 04:00 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick