[Bug 1626773] Re: CVE-2016-2182.patch has broken BN_bn2dec broken in 1.0.1
OpenCPU
1626773 at bugs.launchpad.net
Fri Sep 23 07:08:03 UTC 2016
Below a minimal example:
https://gist.github.com/jeroenooms/cc9391276b160404c5a635f961bc06f6
** Summary changed:
- CVE-2016-2182.patch has broken BN_bn2dec broken in 1.0.1
+ CVE-2016-2182.patch has broken BN_bn2dec
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1626773
Title:
CVE-2016-2182.patch has broken BN_bn2dec
Status in openssl package in Ubuntu:
Incomplete
Bug description:
My software which links to libcrypto stopped working on both Ubuntu
12.04 / 14.04 / 16.04 last week.
The problem is that BN_bn2dec returns NULL all the time (without
setting an error message) even for valid input values. I think is a
bug in CVE-2016-2182.patch.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1626773/+subscriptions
More information about the foundations-bugs
mailing list