If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have not disabled that algorithm should update to 1.0.2k.
Product: |
web/server/apache-24 |
web/server/apache-24/module/apache-ssl |
web/server/apache-24/module/apache-ssl-fips-140 |
web/server/apache-24/module/apache-lua |
web/server/apache-24/module/apache-ldap |
web/server/apache-24/module/apache-gss |
web/server/apache-24/module/apache-dbd |
web/java-servlet/tomcat-8 |
web/java-servlet/tomcat-8/tomcat-examples |
web/java-servlet/tomcat-8/tomcat-admin |
web/curl |
terminal/cssh |
terminal/cssh-526 |
terminal/cssh-522 |
system/display-manager/gdm |
system/display-manager/desktop-startup |
runtime/tcl-8/tcl-sqlite-3 |
mail/thunderbird |
mail/thunderbird/plugin/thunderbird-lightning |
mail/mailman |
library/speech/espeak |
library/security/openssl |
library/security/openssl/openssl-fips-140 |
library/python/pyatspi2 |
library/python/pyatspi2-35 |
library/python/pyatspi2-34 |
library/python/pyatspi2-27 |
library/perl-5/xml-simple |
library/perl-5/xml-simple-526 |
library/perl-5/xml-simple-522 |
library/perl-5/xml-sax |
library/perl-5/xml-sax-base |
library/perl-5/xml-sax-base-526 |
library/perl-5/xml-sax-base-522 |
library/perl-5/xml-sax-526 |
library/perl-5/xml-sax-522 |
library/perl-5/xml-parser |
library/perl-5/xml-parser-526 |
library/perl-5/xml-parser-522 |
library/perl-5/xml-namespacesupport |
library/perl-5/xml-namespacesupport-526 |
library/perl-5/xml-namespacesupport-522 |
library/perl-5/xml-libxml |
library/perl-5/xml-libxml-526 |
library/perl-5/xml-libxml-522 |
library/perl-5/pmtools |
library/perl-5/pmtools-526 |
library/perl-5/pmtools-522 |
library/perl-5/perl-x11-protocol |
library/perl-5/perl-x11-protocol-526 |
library/perl-5/perl-x11-protocol-522 |
library/perl-5/perl-tk |
library/perl-5/perl-tk-526 |
library/perl-5/perl-tk-522 |
library/perl-5/net-ssleay |
library/perl-5/net-ssleay-526 |
library/perl-5/net-ssleay-522 |
library/perl-5/gettext |
library/perl-5/gettext-526 |
library/perl-5/gettext-522 |
library/perl-5/dbd-sqlite |
library/perl-5/dbd-sqlite-526 |
library/perl-5/dbd-sqlite-522 |
library/perl-5/dbd-mysql |
library/perl-5/dbd-mysql-526 |
library/perl-5/dbd-mysql-522 |
library/perl-5/database |
library/perl-5/database-526 |
library/perl-5/database-522 |
library/perl-5/authen-pam |
library/perl-5/authen-pam-526 |
library/perl-5/authen-pam-522 |
library/perl-5/CGI |
library/perl-5/CGI-526 |
library/perl-5/CGI-522 |
library/liblouis |
library/desktop/webkitgtk4 |
library/desktop/speech-dispatcher |
library/desktop/dotconf |
image/library/libjpeg |
diagnostic/wireshark |
diagnostic/wireshark/wireshark-common |
diagnostic/wireshark/tshark |
database/sqlite-3 |
database/sqlite-3/documentation |
database/mysql-57 |
database/mysql-57/tests |
database/mysql-57/library |
database/mysql-57/embedded |
database/mysql-57/client |
database/mysql-56 |
database/mysql-56/tests |
database/mysql-56/library |
database/mysql-56/client |
database/mysql-55 |
database/mysql-55/tests |
database/mysql-55/library |
database/mysql-55/client |