CVE-2016-2176

Priority
Description
The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before
1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive
information from process stack memory or cause a denial of service (buffer
over-read) via crafted EBCDIC ASN.1 data.
Assigned-to
mdeslaur
Notes
mdeslauronly affects EBCDIC systems, not relevant for Ubuntu
Package
Upstream:released (1.0.1o, 1.0.2c)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2020-09-10 05:07:12 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)