DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 1st December 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,150
Thanked 182 Times in 149 Posts
Default FreeBSD Security Advisory FreeBSD-SA-10:10.openssl

From http://lists.freebsd.org/pipermail/f...er/000151.html

Quote:
II. Problem Description

A race condition exists in the OpenSSL TLS server extension code
parsing when used in a multi-threaded application, which uses
OpenSSL's internal caching mechanism. The race condition can lead to
a buffer overflow. [CVE-2010-3864]

A double free exists in the SSL client ECDH handling code, when
processing specially crafted public keys with invalid prime
numbers. [CVE-2010-2939]
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security Advisory for Flash Player, Adobe Reader and Acrobat J65nko News 0 6th June 2010 01:36 AM
FreeBSD FreeBSD security advisories J65nko News 0 27th May 2010 11:31 PM
OpenSSL Security Advisory [24 March 2010] J65nko News 0 29th March 2010 11:12 PM
Upcoming FreeBSD Security Advisory DNAeon FreeBSD Security 3 6th December 2009 04:34 PM
Mastering FreeBSD and OpenBSD Security anomie Book reviews 5 27th September 2008 03:59 AM


All times are GMT. The time now is 12:33 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick