'Re: [oss-security] Stack buffer overflow in WolfSSL before 3.13.0'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Stack buffer overflow in WolfSSL before 3.13.0
From:       Yves-Alexis Perez <corsac () debian ! org>
Date:       2018-03-26 7:55:05
Message-ID: 1522050905.3114.4.camel () debian ! org
[Download RAW message or body]

On Sat, 2018-03-24 at 23:48 +0100, Hanno Böck wrote:
> https://blog.fuzzing-project.org/63-Stack-buffer-overflow-in-WolfSSL-before-3.13.0.html
> 
> During some tests of TLS libraries I found a stack buffer overflow
> vulnerability in the WolfSSL library. Finding this one was surprisingly
> simple: I had a wolfssl server that was compiled with address sanitizer
> and ran the SSL Labs test against it.

Hi,

was a CVE requested/assigned for this issue?

Regards,
-- 
Yves-Alexis
["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic