[openssl-users] CVE-2016-2108 and openssl 0.9.8zf

Zhang, Lily (USD) lily.zhang at emc.com
Thu Aug 25 03:10:19 UTC 2016


Hi

>From the openssl website, it mentioned that CVE-2016-2108<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108> affected version of Openssl prior to April 2015.
We used openssl 0.98zf in our old product which was released several years ago.

Do you know if CVE-2016-2108<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108> affected version 0.9.8zf?  We want to get this info to plan our work.

Thanks
Lily

CVE-2016-2108<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108> (OpenSSL advisory) <https://www.openssl.org/news/secadv/20160503.txt> [High severity] 3rd May 2016: [https://www.openssl.org/img/up.gif] <https://www.openssl.org/news/vulnerabilities.html#toc>
This issue affected versions of OpenSSL prior to April 2015.

CVE-2016-2108<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108> (OpenSSL advisory) <https://www.openssl.org/news/secadv/20160503.txt> [High severity] 3rd May 2016: [https://www.openssl.org/img/up.gif] <https://www.openssl.org/news/vulnerabilities.html#toc>
*         Fixed in OpenSSL 1.0.1o (Affected 1.0.1n, 1.0.1m, 1.0.1l, 1.0.1k, 1.0.1j, 1.0.1i, 1.0.1h, 1.0.1g, 1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1)
*         Fixed in OpenSSL 1.0.2c (Affected 1.0.2b, 1.0.2a, 1.0.2)


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160825/47c10fc4/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 76 bytes
Desc: image001.gif
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160825/47c10fc4/attachment.gif>


More information about the openssl-users mailing list