[openssl-users] OpenSSL 1.0.2: CVE-2018-5407 PortSmash

Billy Brumley bbrumley at gmail.com
Thu Nov 8 12:26:41 UTC 2018


Howdy,

> According to the following website:
>      https://www.openwall.com/lists/oss-security/2018/11/01/4
>
> OpenSSL <= 1.1.0h is affected.
> Does that mean the problem also exist in the OpenSSL 1.0.2 release?

Yes, it does. Pending review:

https://github.com/openssl/openssl/pull/7593

BBB


More information about the openssl-users mailing list