Re: OpenSSL Security Advisory

2021-03-25 Thread Hubert Kario
On Thursday, 25 March 2021 15:03:24 CET, OpenSSL wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [25 March 2021] = NULL pointer deref in signature_algorithms processing (CVE-2021-3449) =

Re: OpenSSL Security Advisory

2020-09-10 Thread Matt Caswell
On 10/09/2020 16:14, Jakob Bohm via openssl-users wrote: > On 2020-09-10 09:03, Tomas Mraz wrote: >> On Wed, 2020-09-09 at 22:26 +0200, Jakob Bohm via openssl-users wrote: >>> Wouldn't a more reasonable response for 1.0.2 users have been to >>> force on >>> SSL_OP_SINGLE_DH_USE rather than reckl

Re: OpenSSL Security Advisory

2020-09-10 Thread Jakob Bohm via openssl-users
On 2020-09-10 09:03, Tomas Mraz wrote: On Wed, 2020-09-09 at 22:26 +0200, Jakob Bohm via openssl-users wrote: Wouldn't a more reasonable response for 1.0.2 users have been to force on SSL_OP_SINGLE_DH_USE rather than recklessly deprecating affected cipher suites and telling affected people to re

Re: OpenSSL Security Advisory

2020-09-10 Thread Tomas Mraz
On Wed, 2020-09-09 at 22:26 +0200, Jakob Bohm via openssl-users wrote: > Wouldn't a more reasonable response for 1.0.2 users have been to > force on > SSL_OP_SINGLE_DH_USE rather than recklessly deprecating affected > cipher > suites > and telling affected people to recompile with the fix off? Yo

Re: OpenSSL Security Advisory

2020-09-09 Thread Jakob Bohm via openssl-users
On 2020-09-09 14:39, OpenSSL wrote: OpenSSL Security Advisory [09 September 2020] = Raccoon Attack (CVE-2020-1968) == Severity: Low The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker

Re: OpenSSL Security Advisory

2020-04-21 Thread Sam Roberts
That makes sense, thank you all.

Re: OpenSSL Security Advisory

2020-04-21 Thread Matt Caswell
On 21/04/2020 20:46, Sam Roberts wrote: > The announcement claims that this affects SSL_check_chain(). > > Is that an exhaustive list? If an application does NOT call that > function, does this mean the vulnerability is not exploitable? As Ben says - this is correct. > > I ask because the the

Re: OpenSSL Security Advisory

2020-04-21 Thread Benjamin Kaduk via openssl-users
On Tue, Apr 21, 2020 at 12:46:43PM -0700, Sam Roberts wrote: > The announcement claims that this affects SSL_check_chain(). > > Is that an exhaustive list? If an application does NOT call that > function, does this mean the vulnerability is not exploitable? That is correct (speaking only in terms

Re: OpenSSL Security Advisory

2020-04-21 Thread Sam Roberts
The announcement claims that this affects SSL_check_chain(). Is that an exhaustive list? If an application does NOT call that function, does this mean the vulnerability is not exploitable? I ask because the fixed function tls1_check_sig_alg is called by tls1_check_chain, and that is called di

Re: OpenSSL Security Advisory

2019-07-30 Thread Jakob Bohm via openssl-users
Having reviewed the git commit for 1.1.1 I notice the following issue: The environment variables that usually point to the secure administrator directories (such as "Program Files") are not themselves secured, and not intended as a secure means of obtaining these directory locations, which are (b

RE: OpenSSL Security Advisory

2019-02-27 Thread Scott Neugroschl
Thanks. -Original Message- From: openssl-users On Behalf Of Matt Caswell Sent: Wednesday, February 27, 2019 11:18 AM To: openssl-users@openssl.org Subject: Re: OpenSSL Security Advisory On 27/02/2019 18:43, Scott Neugroschl wrote: > Is this a client-side or server-side vulnerabil

Re: OpenSSL Security Advisory

2019-02-27 Thread Matt Caswell
On 27/02/2019 18:43, Scott Neugroschl wrote: > Is this a client-side or server-side vulnerability? Or does it matter? It can apply to either side. Matt > > Thanks, > > ScottN > > --- > Scott Neugroschl | XYPRO Technology Corporation > 4100 Guardian Street | Suite 100 |Simi Valley, CA 930

RE: OpenSSL Security Advisory

2019-02-27 Thread Scott Neugroschl
Is this a client-side or server-side vulnerability? Or does it matter? Thanks, ScottN --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 | -Original Message- From: openssl-users On Behal

Re: OpenSSL Security Advisory

2014-06-06 Thread Jeff Wieland
In 0.9.8za, there is a missing compiler directive to include limits.h in ssl/s3_pkt.c. Without it, compiling fails on SPARC Solaris 10 with INT_MAX being undefined on line 536, which looks like: OPENSSL_assert(s->s3->wnum < INT_MAX); It appears that 1.0.0m has the same problem. I haven't l

Re: OpenSSL Security Advisory

2014-06-06 Thread Jakob Bohm
On 6/5/2014 11:31 PM, Green, Gatewood wrote: Openssl-0.9.8za will not build in FIPS mode. The openssl-fips-1.2(.4) seems to be missing the symbol BN_consttime_swap. By the way, the BN_consttime_swap implementation in 1.0.1g (still downloading 1.0.1h) doesn't seem to completely match its descr

Re: OpenSSL Security Advisory

2014-06-06 Thread Geoffrey Thorpe
The redhat podcast with Mark (Cox) probably answers this best; http://bit.ly/Th64oP On Thu, Jun 5, 2014 at 12:04 PM, Juha Saarinen wrote: > Hi Steve, > > That’s quite a few in one go - is this due to greater testing of OpenSSL > and more scrutiny of the code by the community? > > Of the flaws

RE: OpenSSL Security Advisory

2014-06-05 Thread Green, Gatewood
Openssl-0.9.8za will not build in FIPS mode. The openssl-fips-1.2(.4) seems to be missing the symbol BN_consttime_swap. Woody Gatewood C Green Jr (Woody) Principal Software Engineer, Product Security Champion SIEM Engineering McAfee. Part of Intel Security. Direct: 208.552.8269 Mobile: 208.206.7

Re: OpenSSL Security Advisory

2014-06-05 Thread Juha Saarinen
Hi Steve, That’s quite a few in one go - is this due to greater testing of OpenSSL and more scrutiny of the code by the community? Of the flaws listed, which is the one of most concern? This kind of begs the question what to do with all those embedded systems that run older versions of OpenSSL

Re: OpenSSL Security Advisory

2014-06-05 Thread Jeff Wieland
In 0.9.8za at least, there is a missing directive to include limits.h. Without it, compilation fails on SPARC Solaris 10 with INT_MAX being undefined on line 536, which looks like: OPENSSL_assert(s->s3->wnum < INT_MAX); It appears that 1.0.0m has the same problem. I haven't looked at 1.0.1h

Re: OpenSSL Security Advisory

2014-04-14 Thread Tim Hudson
On 11/04/2014 12:58 AM, Viktor Dukhovni wrote: > guru@hein:~/openssl-1.0.1f/apps> (sleep 3 ; echo B ; sleep 3) | ./openssl > s_client -connect www.openssl.org:443 If you are using s_client for testing then you should add the -msg option and see what is being sent. Responding to a correctly forme

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-14 Thread Matthias Apitz
some nice pictures how the bug works: http://www.xkcd.com/1354/ HIH matthias -- Sent from my FreeBSD netbook Matthias Apitz, , http://www.unixarea.de/ f: +49-170-4527211 UNIX since V7 on PDP-11, UNIX on mainframe since ESER 1055 (IBM /370) UNIX on x86 since SVR4.2 UnixWare 2.1.2, FreeB

Re: OpenSSL Security Advisory

2014-04-14 Thread Steven Kneizys
Ah, of course! I was so focused on not accessing that routine and not being able to just link in the "obj" files that the obvious solution of using the library properly escaped me! Thanks. After a "Visual Studio 2012" build in directory: E:\usr_local\src\openssl-1.0.1f_32 I then was able put t

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Michael Smith
On Apr 12, 2014, at 5:40 PM, Michael Tuexen wrote: >> >> "Introduced with intent" vs. "known to the NSA" -- two >> different things, right? > My statement was referring to the "Introduced with intent". Understood. I'm personally quite sure it *wasn't* introduced with intent, which is why I

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Michael Tuexen
On 12 Apr 2014, at 21:43, Michael Smith wrote: > > On Apr 12, 2014, at 3:08 PM, Michael Tuexen > wrote: >>> >> I have read the rumor. It is wrong. > > "Introduced with intent" vs. "known to the NSA" -- two > different things, right? My statement was referring to the "Introduced with inten

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Matthias Apitz
On Saturday, April 12, 2014 at 03:43:29PM -0400, Michael Smith wrote: > > On Apr 12, 2014, at 3:08 PM, Michael Tuexen > wrote: > >> > > I have read the rumor. It is wrong. > > "Introduced with intent" vs. "known to the NSA" -- two > different things, right? > > I don't have any

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Jan Danielsson
On 12/04/14 21:30, Matthias Apitz wrote: >> http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=4817504d069b4c5082161b02a22116ad75f822b1 > > Thanks for the git diff (and the other statements). Could you please be > so kind and point to the exact place of the offending statement (or > missing b

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Michael Smith
On Apr 12, 2014, at 3:08 PM, Michael Tuexen wrote: >> > I have read the rumor. It is wrong. "Introduced with intent" vs. "known to the NSA" -- two different things, right? I don't have any direct knowledge of what goes on in the NSA, but if they don't have a whole cubicle farm full of p

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Matthias Apitz
On Saturday, April 12, 2014 at 09:30:22PM +0200, Matthias Apitz wrote: > On Saturday, April 12, 2014 at 09:08:15PM +0200, Michael Tuexen > wrote: > > > > What is the exact bug, can someone show a svn/git diff of the first > > > source version having the bug? > > http://git.op

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Michael Tuexen
On 12 Apr 2014, at 21:30, Matthias Apitz wrote: > On Saturday, April 12, 2014 at 09:08:15PM +0200, Michael Tuexen > wrote: > >>> What is the exact bug, can someone show a svn/git diff of the first >>> source version having the bug? >> http://git.openssl.org/gitweb/?p=openssl.git;a=com

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Matthias Apitz
On Saturday, April 12, 2014 at 09:08:15PM +0200, Michael Tuexen wrote: > > What is the exact bug, can someone show a svn/git diff of the first > > source version having the bug? > http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=4817504d069b4c5082161b02a22116ad75f822b1 > > Hi,

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Michael Tuexen
On 12 Apr 2014, at 17:43, Matthias Apitz wrote: > On Wednesday, April 09, 2014 at 01:05:22AM -0700, monloi perez > wrote: > >> True. Thanks for the quick reply. >> >> >> On Wednesday, April 9, 2014 3:33 PM, Alan Buxey >> wrote: >> >> https://www.openssl.org/news/changelog.html

the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

2014-04-12 Thread Matthias Apitz
On Wednesday, April 09, 2014 at 01:05:22AM -0700, monloi perez wrote: > True. Thanks for the quick reply. > > > On Wednesday, April 9, 2014 3:33 PM, Alan Buxey > wrote: > > https://www.openssl.org/news/changelog.html > > 1.0.1 introduced the heartbeat support. > > 1.0.0 and ea

Re: OpenSSL Security Advisory

2014-04-11 Thread Tim Hudson
On 11/04/2014 10:38 PM, Steven Kneizys wrote: > The same issue when I tried to port over to windows, > the ssl3_write_bytes is not exposed in the library. There doesn't > seem to be an easy workaround that I can see. The work around is trivial if you wanted to do that. Change to use the SSL_get_

Re: OpenSSL Security Advisory

2014-04-11 Thread Rob Stradling
Thanks Leonardo! On 11/04/14 13:54, Leonardo Secci wrote: In debian I solved linking directly static library. gcc -ansi -pedantic -o heartbleed heartbleed.c -lcrypto \ /usr/lib/x86_64-linux-gnu/libssl.a Regards On Friday, 11 April 2014 08:38:07, Steven Kneizys wrote: The s

Re: OpenSSL Security Advisory

2014-04-11 Thread Leonardo Secci
In debian I solved linking directly static library. gcc -ansi -pedantic -o heartbleed heartbleed.c -lcrypto \ /usr/lib/x86_64-linux-gnu/libssl.a Regards On Friday, 11 April 2014 08:38:07, Steven Kneizys wrote: > The same issue when I tried to port over to windows, the ssl3_wri

RE: OpenSSL Security Advisory

2014-04-11 Thread JAaron Anderson
@openssl.org Subject: Re: OpenSSL Security Advisory On 10.04.2014 13:16, Rob Stradling wrote: On 09/04/14 20:43, Salz, Rich wrote: Can you please post a "good" and a "bad" server example. I have tested a lot of servers, including 'akama

Re: OpenSSL Security Advisory

2014-04-11 Thread Steven Kneizys
The same issue when I tried to port over to windows, the ssl3_write_bytes is not exposed in the library. There doesn't seem to be an easy workaround that I can see. Steve... On Fri, Apr 11, 2014 at 7:40 AM, Walter H. wrote: > On 10.04.2014 13:16, Rob Stradling wrote: > > On 09/04/14 20:43, Sal

Re: OpenSSL Security Advisory

2014-04-11 Thread Walter H.
On 10.04.2014 13:16, Rob Stradling wrote: On 09/04/14 20:43, Salz, Rich wrote: Can you please post a "good" and a "bad" server example. I have tested a lot of servers, including 'akamai.com', and they all show HEARTBEATING at the end: Look at Victor's recent post about how to patch openssl/s_

Re: OpenSSL Security Advisory

2014-04-10 Thread Viktor Dukhovni
On Thu, Apr 10, 2014 at 10:57:35AM +0200, Matthias Apitz wrote: > I have instrumented an openssl 1.0.1f as posted by Victor: > > guru@hein:~/openssl-1.0.1f> diff ssl/t1_lib.c.unpatched > ssl/t1_lib.c > 2671c2671 > < s2n(payload, p); > --- > > s2n(0x4000, p); > > but I still see HEART

Re: OpenSSL Security Advisory

2014-04-10 Thread Rob Stradling
On 09/04/14 20:43, Salz, Rich wrote: Can you please post a "good" and a "bad" server example. I have tested a lot of servers, including 'akamai.com', and they all show HEARTBEATING at the end: Look at Victor's recent post about how to patch openssl/s_client to make your own test. That's the

Re: OpenSSL Security Advisory

2014-04-10 Thread Matthias Apitz
> > -Original Message- > > From: Matthias Apitz [mailto:g...@unixarea.de] > > Sent: Thursday, April 10, 2014 6:41 AM > > To: Apitz,Matthias > > Subject: Fwd: RE: OpenSSL Security Advisory > > > > - Forwarded message from "Salz, Rich&

RE: OpenSSL Security Advisory

2014-04-09 Thread Salz, Rich
> Can you please post a "good" and a "bad" server example. I have tested a lot > of servers, including 'akamai.com', and they all show HEARTBEATING at the end: Look at Victor's recent post about how to patch openssl/s_client to make your own test. That's the simplest. My example tests only for

Re: OpenSSL Security Advisory

2014-04-09 Thread Matthias Apitz
> - Forwarded message from "Salz, Rich" - > > Date: Wed, 9 Apr 2014 09:54:25 -0400 > From: "Salz, Rich" > To: "openssl-users@openssl.org" > Subject: RE: OpenSSL Security Advisory > > > How do I determine whether or not the we

RE: OpenSSL Security Advisory

2014-04-09 Thread Salz, Rich
> I get the heartbeating message on both unpatched and patched servers. Should that make me worry about the patched machines? Not necessarily. If they updated to the 'g' release, then they are doing buffer-overrun checking and you're safe. You can probably find out by connecting to your serv

Re: OpenSSL Security Advisory

2014-04-09 Thread Viktor Dukhovni
On Wed, Apr 09, 2014 at 10:55:23AM -0400, Ted Byers wrote: > I get the heartbeating message on both unpatched and patched servers. > Should that make me worry about the patched machines? No, unfortunately both patched and unpatched systems respond the same way to valid heartbeat requests as send

Re: OpenSSL Security Advisory

2014-04-09 Thread Ted Byers
Thanks Patrick. Apache lounge already has a patched release released. So, once I deploy that, and get my certificates reissued, I ought to be OK. Thanks Ted -- R.E.(Ted) Byers, Ph.D.,Ed.D. On Wed, Apr 9, 2014 at 8:37 AM, Eisenacher, Patrick < patrick.eisenac...@bdr.de> wrote: > Hi Ted, >

Re: OpenSSL Security Advisory

2014-04-09 Thread Ted Byers
Thanks Rich, I have obtained the new, patched, release of Apache from Apache lounge, and applied the patch to one server, which the online services say fix the problem on it, but your simple way of checking still says heartbeating at the end. Does that mean that the patch didn't truly work? I ge

RE: OpenSSL Security Advisory

2014-04-09 Thread Salz, Rich
> How do I determine whether or not the web servers I run are affected? Here's a simple way: echo B | openssl s_client -connect $HOST:$PORT if you see "heartbeating" at the end, then $HOST is vulnerable. How can you tell if private keys have been taken? You can't, really. You ca

RE: OpenSSL Security Advisory

2014-04-09 Thread Eisenacher, Patrick
Hi Ted, > -Original Message- > From: owner-openssl-us...@openssl.org [mailto:owner-openssl- > > How do I determine whether or not the web servers I run are affected? > They are Apache 2.4, built for 64 bit Windows and downloaded from > Apachelounge. I have no idea what version of openssl

Re: OpenSSL Security Advisory

2014-04-09 Thread Ali Jawad
http://filippo.io/Heartbleed/#www.unlocator.com On Wed, Apr 9, 2014 at 2:05 PM, Ted Byers wrote: > How do I determine whether or not the web servers I run are affected? > They are Apache 2.4, built for 64 bit Windows and downloaded from > Apachelounge. I have no idea what version of openssl it

Re: OpenSSL Security Advisory

2014-04-09 Thread Ted Byers
How do I determine whether or not the web servers I run are affected? They are Apache 2.4, built for 64 bit Windows and downloaded from Apachelounge. I have no idea what version of openssl it was built with. Does anyone here know if the feature that introduces the risk can be turned off, without

Re: OpenSSL Security Advisory

2014-04-09 Thread monloi perez
True. Thanks for the quick reply. On Wednesday, April 9, 2014 3:33 PM, Alan Buxey wrote: https://www.openssl.org/news/changelog.html 1.0.1 introduced the heartbeat support. 1.0.0 and earlier are fortunate in that they didn't have it. But then they didn't have things to stop you from being

Re: OpenSSL Security Advisory

2014-04-08 Thread Alan Buxey
https://www.openssl.org/news/changelog.html 1.0.1 introduced the heartbeat support. 1.0.0 and earlier are fortunate in that they didn't have it. But then they didn't have things to stop you from being BEASTed so some you win, some you lose. ;) alan

Re: OpenSSL Security Advisory

2014-04-08 Thread monloi perez
Hi, Is OpenSSL 0.9.7d vulnerable? Can seem to confirm based on the list of affected services from this site http://heartbleed.com/. Regards, Mon On Tuesday, April 8, 2014 3:01 AM, OpenSSL wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [07 Apr 2014] ==

Re: OpenSSL security advisory

2012-03-12 Thread carlyoung
On Mon 12/03/12 4:02 PM , open...@master.openssl.org (OpenSSL) sent: >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA1 > >OpenSSL Security Advisory [12 Mar 2012] FTAO Dr Steve Henson, Not that it's important, but the FAQ in 0.9.8u archive says: * Which is the current version of OpenSSL? T

Re: OpenSSL Security Advisory

2012-01-19 Thread Thomas J. Hruska
On 1/19/2012 10:59 AM, John A. Wallace wrote: The windows binaries do not appear to have been upgraded yet. It is possible that some of them are affected, I should think. Thanks. They are up now. -Original Message- From: owner-openssl-annou...@openssl.org [mailto:owner-openssl- OpenS

RE: OpenSSL Security Advisory

2012-01-19 Thread John A. Wallace
The windows binaries do not appear to have been upgraded yet. It is possible that some of them are affected, I should think. Thanks. > -Original Message- > From: owner-openssl-annou...@openssl.org [mailto:owner-openssl- > annou...@openssl.org] On Behalf Of OpenSSL > Sent: Wednesday, Januar

Auto Reply: Re: OpenSSL Security Advisory

2011-09-06 Thread huieying . lee
I will be on vacation from Sep/05/2011 thru Sep/16/2011 (back in the office on Sep 19). Have a great day ! Huie-Ying __ OpenSSL Project http://www.openssl.org User Support Mailing List

Re: OpenSSL Security Advisory

2011-09-06 Thread The Doctor
On Tue, Sep 06, 2011 at 03:40:30PM +0200, OpenSSL wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > OpenSSL Security Advisory [6 September 2011] > > Two security flaws have been fixed in OpenSSL 1.0.0e > > CRL verification vulnerability in OpenSSL > ===

RE: OpenSSL Security Advisory

2009-01-14 Thread Takurou Saitou
> -Original Message- > From: owner-openssl-us...@openssl.org > > > ssl/s2_srvr.c ssl/s3_srvr.c : The error in those two file seems to mean > > that server verification of DSA signed clients certificates is also > > affected. > > > > DSA cannot be used with SSLv2 so it is not . Is it

Re: OpenSSL Security Advisory

2009-01-09 Thread Dr. Stephen Henson
On Fri, Jan 09, 2009, Jean-Marc Desperrier wrote: > > Stephen, can you elaborate on that response because from the patch it seems > that more than only client validation of the server signature in SSL > sessions is affected. > > cms/cms_sd.c is affected, but the consequence is only a missing err

Re: OpenSSL Security Advisory

2009-01-09 Thread Jean-Marc Desperrier
Dr. Stephen Henson wrote: On Wed, Jan 07, 2009, Victor Duchovni wrote: This is not very clear to me. Which signatures are poorly verified: 1. The server's signature on SSL/TLS protocol messages that must be signed under the server's private key (corresponding to the private k

Re: OpenSSL Security Advisory

2009-01-08 Thread Kyle Hamilton
This vulnerability only comes into play during active TLS sessions. Certificate chain validation is not affected. S/MIME is not affected. Quoting Dr Henson (a later message, Message-ID <20090107184137.ga99...@openssl.org>): > Certificate chain validation is not affected nor other forms of DSA/ECD

Re: OpenSSL Security Advisory

2009-01-08 Thread Harakiri
--- On Wed, 1/7/09, Dr. Stephen Henson wrote: > Incorrect checks for malformed signatures > - --- It is not perfectly clear to me if regular certificate validations and smime signature validation is also affected by this. Could you please elaborate if

Re: OpenSSL Security Advisory

2009-01-07 Thread Brad House
> Does the release of 0.9.8j also include the FIPS module support? > (i.e., is this a bug-fix only release, or does this include what you > have been working on for the past few months as well?) The actual 0.9.8j release announcement stated: "This is the first full release of OpenSSL that can lin

Re: OpenSSL Security Advisory

2009-01-07 Thread Victor Duchovni
On Wed, Jan 07, 2009 at 07:46:59PM -0700, Thomas J. Hruska wrote: > I forgot to ask earlier today, but does the security vulnerability > affect 0.9.7m? Yes, but only in the unlikely case that you operate clients that establish authenticated sessions with servers that use DSA certificates. This s

Re: OpenSSL Security Advisory

2009-01-07 Thread Thomas J. Hruska
Kyle Hamilton wrote: I got the notice of the release several hours after the security advisory. Not sure what happened, but I've since received it. Thank you, Dr Henson and everyone who works on OpenSSL! -Kyle H On Wed, Jan 7, 2009 at 5:23 PM, Giang Nguyen wrote: Does the release of 0.9.8j

Re: OpenSSL Security Advisory

2009-01-07 Thread Kyle Hamilton
I got the notice of the release several hours after the security advisory. Not sure what happened, but I've since received it. Thank you, Dr Henson and everyone who works on OpenSSL! -Kyle H On Wed, Jan 7, 2009 at 5:23 PM, Giang Nguyen wrote: > >> Does the release of 0.9.8j also include the FI

RE: OpenSSL Security Advisory

2009-01-07 Thread Giang Nguyen
> Does the release of 0.9.8j also include the FIPS module support? do you mean anything other than this? http://www.mail-archive.com/openssl-users@openssl.org/msg55535.html This is the first full release of OpenSSL that can link against the validated FIPS module version 1.2

Re: OpenSSL Security Advisory

2009-01-07 Thread Kyle Hamilton
Does the release of 0.9.8j also include the FIPS module support? (i.e., is this a bug-fix only release, or does this include what you have been working on for the past few months as well?) -Kyle H On Wed, Jan 7, 2009 at 4:10 AM, Dr. Stephen Henson wrote: > -BEGIN PGP SIGNED MESSAGE- > Ha

Re: OpenSSL Security Advisory

2009-01-07 Thread Dr. Stephen Henson
On Wed, Jan 07, 2009, Victor Duchovni wrote: > > This is not very clear to me. Which signatures are poorly verified: > >1. The server's signature on SSL/TLS protocol messages that must > be signed under the server's private key (corresponding to the > private key in its certifica

Re: OpenSSL Security Advisory

2009-01-07 Thread Victor Duchovni
On Wed, Jan 07, 2009 at 02:17:09PM +0100, Dr. Stephen Henson wrote: > Several functions inside OpenSSL incorrectly checked the result after > calling the EVP_VerifyFinal function, allowing a malformed signature > to be treated as a good signature rather than as an error. This issue > affected the

Re: OpenSSL Security Advisory: PRNG weakness in versions up to 0.9.6a

2001-07-15 Thread Kris Kennaway
Is it just me, or is this advisory not linked to on the main webpage? Kris