FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

LibreSSL -- Arbitrary memory read

Affected packages
		libressl	<	3.5.4
		libressl-devel	<	3.6.2

Details

VuXML ID	1dd84344-a7da-11ed-86e9-d4c9ef517024
Discovery	2023-02-08
Entry	2023-02-08

The OpenBSD project reports:

A malicious certificate revocation list or timestamp response token would allow an attacker to read arbitrary memory.

[source]

References

URL	https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.4-relnotes.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.