LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

openssl: off-by-one error

Package(s):openssl CVE #(s):CVE-2007-5135
Created:October 3, 2007 Updated:July 31, 2008
Description: From the Debian advisory: An off-by-one error has been identified in the SSL_get_shared_ciphers() routine in the libssl library from OpenSSL, an implementation of Secure Socket Layer cryptographic libraries and utilities. This error could allow an attacker to crash an application making use of OpenSSL's libssl library, or potentially execute arbitrary code in the security context of the user running such an application.
Alerts:
rPath rPSA-2008-0241-1 2008-07-30
SuSE SUSE-SR:2008:005 2008-03-06
Red Hat RHSA-2007:1003-02 2007-11-15
Red Hat RHSA-2007:0813-01 2007-10-22
Fedora FEDORA-2007-2530 2007-10-18
Fedora FEDORA-2007-725 2007-10-15
SuSE SUSE-SR:2007:020 2007-10-12
Red Hat RHSA-2007:0964-01 2007-10-12
Debian DSA-1379-2 2007-10-10
Gentoo 200710-06 2007-10-07
Mandriva MDKSA-2007:193 2007-10-04
rPath rPSA-2007-0206-1 2007-10-03
Foresight FLEA-2007-0058-1 2007-10-03
Debian DSA-1379 2007-10-02
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds