[Bug 1626773] Re: CVE-2016-2182.patch has broken BN_bn2dec
Marc Deslauriers
marc.deslauriers at canonical.com
Fri Sep 23 18:27:40 UTC 2016
Can you see if the regression fix we published today fixes your issue?
http://www.ubuntu.com/usn/usn-3087-2/
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1626773
Title:
CVE-2016-2182.patch has broken BN_bn2dec
Status in openssl package in Ubuntu:
Incomplete
Bug description:
My software which links to libcrypto stopped working on both Ubuntu
12.04 / 14.04 / 16.04 last week.
The problem is that BN_bn2dec returns NULL all the time (without
setting an error message) even for valid input values. I think is a
bug in CVE-2016-2182.patch.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1626773/+subscriptions
More information about the foundations-bugs
mailing list