[openssl-users] CVE-2016-2180

sivagopiraju sivagopi059 at gmail.com
Thu Aug 25 08:21:40 UTC 2016

I am using openssl-1.0.0e in my product. Here i want to know that OpenSSL is
CVE-2016-2180 vulnerable or not.

In this page showing some information about CVE-2016-2180 vulnerability.

Actually i read some information from the internet that, to reproduce this
vulnerability need to "*create specially crafted time stamp file and used
with the "openssl ts"*" command. How to create "specially crafted time stamp

In the CVE-2016-2180 vulnerability talk about TS_OBJ_print_bio function
creating the crash. This function is present in the openssl i have.

Is there any patch available for this vulnerability.

View this message in context: http://openssl.6102.n7.nabble.com/CVE-2016-2180-tp68032.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.

More information about the openssl-users mailing list