CLD-8 Details
Other IDs this deficiency may be known by:
Basic Information:
Affected Package(s) | openssl |
Deficiency Type | SECURITY |
Date Created | 2017-09-05 10:14:57 |
Date Last Modified | 2017-11-02 21:50:59 |
Version Specific Information:
Cucumber 1.0 i686 | fixed in openssl-1.0.2m-i686-1 |
Cucumber 1.0 x86_64 | fixed in openssl-1.0.2m-x86_64-1 and openssl-lib_i686-1.0.2m-lib_i686-1 |
Cucumber 1.1 i686 | fixed in openssl-1.0.2m-i686-1 |
Cucumber 1.1 x86_64 | fixed in openssl-1.0.2m-x86_64-1 and openssl-lib_i686-1.0.2m-lib_i686-1 |
Details:
While parsing an IPAddressFamily extension in an X.509 certificate, it is
possible to do a one-byte overread. This would result in an incorrect text
display of the certificate. This bug has been present since 2006 and is present
in all versions of OpenSSL since then
(https://nvd.nist.gov/vuln/detail/CVE-2017-3735).
Note that the OpenSSL developers consider this a "low severity fix" and are
therefore not pushing out the patch until the next release of OpenSSL :/
(https://www.openssl.org/news/secadv/20170828.txt).
Maybe it's time we considered switching to LibreSSL.