OpenSSL DoS/PoC in milw0rm
Oliver Pinter
oliver.pntr at gmail.com
Fri Jun 5 09:51:29 UTC 2009
thanks for the fast reply, and the patch
On 6/5/09, Eygene Ryabinkin <rea-fbsd at codelabs.ru> wrote:
> Thu, Jun 04, 2009 at 10:15:34PM +0200, Oliver Pinter wrote:
>> the base system contins 0.9.8e and this PoC is affected up to 0.9.8i
>
> There was combined PR for the ports/base system OpenSSL,
> http://www.freebsd.org/cgi/query-pr.cgi?pr=134653
>
> Probably more complete patch for DTLS stuff,
> http://sctp.fh-muenster.de/dtls/dtls-bugs.patch
> that additionally fixes MTU problems and other stuff can be integrated
> to the base system as it was recently done with the security/openssl.
> I am in ENOTIME now, so I'm not able to test these patches myself, sorry.
> --
> Eygene
> _ ___ _.--. #
> \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard
> / ' ` , __.--' # to read the on-line manual
> )/' _/ \ `-_, / # while single-stepping the kernel.
> `-'" `"\_ ,_.-;_.-\_ ', fsc/as #
> _.-'_./ {_.' ; / # -- FreeBSD Developers handbook
> {_.-``-' {_/ #
>
More information about the freebsd-security
mailing list