On Fri, Jul 24, 2015 at 10:25:04AM +, ice via RT wrote:
> >What openssl version/platform are you using?
>
>
> $ openssl version
> OpenSSL 1.0.1j 15 Oct 2014
You seem to be affected by CVE-2014-3569 that only affects the
1.0.1j version.
Kurt
___
On Fri, Jul 24, 2015 at 10:25:04AM +, ice via RT wrote:
> >What openssl version/platform are you using?
>
>
> $ openssl version
> OpenSSL 1.0.1j 15 Oct 2014
You seem to be affected by CVE-2014-3569 that only affects the
1.0.1j version.
Kurt
___
On 06/15/2015 06:02 PM, Nico Williams wrote:
> On Thu, Jun 11, 2015 at 10:41:58AM +0200, Florian Weimer wrote:
>> Detecting things in libcrypto is very difficult on GNU/Linux due to the
>> way dynamic linking works.
>
> Details?
Detection based on weak symbols can break due to linking order (if t
On 07/21/2015 01:16 PM, Brad House wrote:
> I'm sure you're not the only one that will be needing to support 0.9.8
> after the
> official EOL. RedHat Enterprise Linux 5 comes to mind (supported until
> 3/2017),
> so there will definitely be others providing security related patches.
On the other
> And I use both gcc and clang with command “cc -g -Wall
-I../../include -lcrypto aesgcm.c" to compile the source code. Long
version: Note that the linker processes its libraries from left to
right, e.g. if you have an object file object.o and to libraries
liba.a and libb.a, then "cc object.o -la -
This transaction appears to have no content
binYAdydlKAnq.bin
Description: Binary data
bin67zpiQwKdm.bin
Description: Binary data
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>What openssl version/platform are you using?
$ openssl version
OpenSSL 1.0.1j 15 Oct 2014
Embedded environment based on x86
Regards,
Murphy.zhao
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
On Thu, 2015-07-23 at 20:33 +, Salz, Rich via RT wrote:
> How about 256 on the stack?
Sure.
--
David WoodhouseOpen Source Technology Centre
david.woodho...@intel.com Intel Corporation
>From 57aa658b429b1962e2811c30e2b77edb85d134d3 Mon
On Thu, 2015-07-23 at 20:33 +, Salz, Rich via RT wrote:
> How about 256 on the stack?
Sure.
--
David WoodhouseOpen Source Technology Centre
david.woodho...@intel.com Intel Corporation
From 57aa658b429b1962e2811c30e2b77edb85d134d3 Mon S
On Thu, Jul 23, 2015 at 11:09:40PM +, Viktor Dukhovni wrote:
> Any chance you have a standalone test program that works with
> TLSv1_client_method(), but not with SSLv23_client_method() (and
> SSLv2 disabled). Such code if added to "make test" might ensure
> the problem does not come back afte
On Fri Jul 24 07:18:37 2015, murphy.z...@qq.com wrote:
> Somehow the method became 0x0 when processing SSLv3. for now all
> crashes occured with SSLv3 client requests. We have to disable SSLv2
> and SSLv3 support in the process.
> Could anyone help check what happened to make the "method" become 0x
The first place to look is to see if your program has any pointers errors that
are overwriting memory.
Try something like valgrind or ASAN.
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Hi,
in my process, I expecienced too many SSL_accept() crashed when processing
SSLv3 client request.
(gdb) info stack
#0 0xb76e3f7a in SSL_accept () from /lib/libssl.so.1.0.0
#1 0x in ?? ()
#2 0xb76e3f56 in SSL_accept () from /lib/libssl.so.1.0.0
#3 0xbfc2ff23 in ?? ()
#4 0x08049d57
13 matches
Mail list logo