I am using openssl-1.0.0e in my product. Here i want to know that OpenSSL is CVE-2016-2180 vulnerable or not.
https://github.com/openssl/openssl/commit/0ed26acce328ec16a3aa635f1ca37365e8c7403a?diff=unified In this page showing some information about CVE-2016-2180 vulnerability. Actually i read some information from the internet that, to reproduce this vulnerability need to "*create specially crafted time stamp file and used with the "openssl ts"*" command. How to create "specially crafted time stamp file". In the CVE-2016-2180 vulnerability talk about TS_OBJ_print_bio function creating the crash. This function is present in the openssl i have. Is there any patch available for this vulnerability. -- View this message in context: http://openssl.6102.n7.nabble.com/CVE-2016-2180-tp68032.html Sent from the OpenSSL - User mailing list archive at Nabble.com. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
