Nginx-ru mailing list archive (nginx-ru@sysoev.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVE-2010-5298
- To: nginx-ru@xxxxxxxxx
- Subject: Re: CVE-2010-5298
- From: Anton Yuzhaninov <citrin@xxxxxxxxx>
- Date: Wed, 30 Apr 2014 14:18:14 +0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrin.ru; s=s0; t=1398853094; bh=7F4lBweRQoiecWtjvhmcZYP7aHAOjupquP6cQnWNjLg=; h=Message-ID:Date:From:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=wqo4WfE0fAbZUrO+LmWj1zBWHmakPl7XIQuDXqsdsRH82Inev5RzC6U6xOTN4zIgM tnRmiEL24dyPliZYZXWLGze0tRvKqQLwj4Mh2ycureoWuyANgTs6tNisnOPUW/EYPN v6O+ZnNkdQrCnsUEbh0CLLZ4ORWyNJAcBoUak3xk=
- In-reply-to: <19165983.Ak2yom2K7v@vbart-laptop>
- References: <5360BFDD.5040309@citrin.ru> <19165983.Ak2yom2K7v@vbart-laptop>
On 04/30/14 14:05, Валентин Бартенев wrote:
On Wednesday 30 April 2014 13:18:21 Anton Yuzhaninov wrote:
Подвержен ли nginx этой уязвимости в openssl:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5298
?
grep по исходникам показывает наличие
SSL_CTX_set_mode(ssl->ctx, SSL_MODE_RELEASE_BUFFERS);
Если верить описанию "in a multithreaded environment",
а nginx к таковым не относится.
Во FreeBSD-шном SA формулировка более общая:
The buffer may be released before the library have finished using it. It is
possible that a different SSL connection in the same process would use the
released buffer and write data into it.
_______________________________________________
nginx-ru mailing list
nginx-ru@xxxxxxxxx
http://mailman.nginx.org/mailman/listinfo/nginx-ru
| 
