Re: New OpenSSL double-free and invalid free vulnerabilities in X509 parsing

2016-10-13 Thread Aaron Mason
If it was discovered before the LibreSSL fork, there's a good chance it has been fixed, otherwise the move from non-standard malloc functions has probably nipped this one in the bud. That's my guess based on what I know about LibreSSL.

On Fri, Oct 14, 2016 at 3:55 PM, Peter Janos wrote:
> Hello

New OpenSSL double-free and invalid free vulnerabilities in X509 parsing

2016-10-13 Thread Peter Janos
Hello gods,

http://seclists.org/fulldisclosure/2016/Oct/62 -> https://github.com/guidovranken/openssl-x509-vulnerabilities

a little bit old, but LibreSSL got this?

The original X509_NAME decode free code was buggy: this could result in double free or leaks if a malloc failure occurred. Simpli