![[BACK]](/icons/back.gif){kind=icon}
Return to errata56.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www|
Return to errata56.html CVS log | Up to [local] / www |
| version 1.31, 2015/06/11 18:10:53 | version 1.32, 2015/06/11 22:45:21 | ||
|---|---|---|---|
|
|
||
| <li>CVE-2015-1789 - Exploitable out-of-bounds read in X509_cmp_time | <li>CVE-2015-1789 - Exploitable out-of-bounds read in X509_cmp_time | ||
| <li>CVE-2015-1792 - CMS verify infinite loop with unknown hash function | <li>CVE-2015-1792 - CMS verify infinite loop with unknown hash function | ||
| </ul> | </ul> | ||
| Note that CMS was already disabled in LibreSSL. | |||
| Several other issues did not apply or were already fixed and one is under review.<br> | |||
| For more information, see the | |||
| <a href="https://www.openssl.org/news/secadv_20150611.txt">OpenSSL advisory</a>. | |||
| <br> | |||
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/026_openssl.patch.sig"> | <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/026_openssl.patch.sig"> | ||
| A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
| <p> | <p> |