Advisory ID

12775

Release date

20160927

Last Updated

20160927

Issue Severity

None

 

Source

Source

openssl.org

Release date

20160926

CVSS v2 Base Score

Moderate

Problem Description

This issue only affects OpenSSL 1.0.2i, released on 22nd September 2016. A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a result any attempt to use CRLs in OpenSSL 1.0.2i will crash with a null pointer exception. OpenSSL 1.0.2i users should upgrade to 1.0.2j.

 

Impact

None.

 

Affected Products

None - no FoxT products use OpenSSL 1.0.2i.

Workaround

N/A.

 

Obtaining Fixed Software

N/A.

External References

OpenSSL Security Advisory.










Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: April 16, 2019