Date: Thu, 04 Oct 2007 07:09:03 -0700 From: Colin Percival <cperciva@freebsd.org> To: Alexandre Biancalana <biancalana@gmail.com> Cc: questions@freebsd.org Subject: Re: What is affected by FreeBSD-SA-07:08.openssl ? Message-ID: <4704F3FF.1030300@freebsd.org> In-Reply-To: <8e10486b0710040653w291bb6e2h2a73cd41812b0b70@mail.gmail.com> References: <8e10486b0710040653w291bb6e2h2a73cd41812b0b70@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Alexandre Biancalana wrote: > $ grep -lr SSL_get_shared_ciphers /usr/src 2> /dev/null > /usr/src/crypto/openssl/apps/s_client.c > /usr/src/crypto/openssl/apps/s_server.c > /usr/src/crypto/openssl/doc/ssleay.txt > /usr/src/crypto/openssl/doc/ssl/ssl.pod > /usr/src/crypto/openssl/ssl/ssl.h > /usr/src/crypto/openssl/ssl/ssl_lib.c > /usr/src/crypto/openssl/util/ssleay.num > /usr/src/secure/lib/libssl/man/ssl.3 > > Doesn't revel much about what is affected by this bug.... Have someone made > some deeper analysis about what is affected ? It doesn't look like anything in the base system uses this function, but I just zgrepped my /usr/ports/distfiles and found that mysql uses this if it is compiled with DBUG_OFF not defined. Assuming that you keep all of your ports distfiles, you can run $ zgrep -R SSL_get_shared_ciphers /usr/ports/distfiles and any applications which use said function will probably show up. But as for a deep analysis -- not that I'm aware of. We fixed this because there might be an application which used this function in a way which made this buffer overflow exploitable, not because we knew that such an application existed. Colin Percival FreeBSD Security Officer
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4704F3FF.1030300>