[openssl-dev] out-of-bounds read in BN_mod_exp_mont_consttime
Parag Chinchole
7.paragc at gmail.com
Tue Apr 28 19:56:01 UTC 2015
Hi,
BoringSSL reported an out-of-bounds read in BN_mod_exp_mont_consttime and appear to have patched it: https://boringssl-review.googlesource.com/#/c/1393/ <https://boringssl-review.googlesource.com/#/c/1393/>
How serious is this issue? Are there any plans for OpenSSL to use a similar fix too?
Cheers
Parag
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150428/17f79023/attachment.html>
More information about the openssl-dev
mailing list