Could be worse, could be better
https://www.openssl.org/news/secadv_20150319.txt
---Mike
--
---
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, m...@sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada http://www.tancsa.co
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
=
FreeBSD-SA-15:06.opensslSecurity Advisory
The FreeBSD Project
Topic:
Wow, thanks for the quick fix/commit Xin!!
---Mike
On 3/19/2015 1:55 PM, FreeBSD Security Advisories wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
=
FreeBSD-SA-15:06.openssl
> No workaround is available.
Isn't using OpenSSL from ports a workaround?
___
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 03/19/15 15:18, l...@lena.kiev.ua wrote:
>> No workaround is available.
>
> Isn't using OpenSSL from ports a workaround?
Not really as that does not solve problem for applications shipped
with base system.
Cheers,
- --
Xin LI https://www.d
I notice the posted patch includes a change to tasn_dec.c that doesn't work.
- if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
- return *pval;
+ if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE)
+ ptmpval = *pval;
+ if (ASN1_item_ex_d
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
Please be advised that we have noticed some issues with
SA-15:06.openssl and are actively working on validating the fix. A
copy of draft errata patches is attached.
My apologies for this mess. Revised advisories would be announced
once we hav
