CVE-2016-2176 (retired)

Priority
Description
The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before
1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive
information from process stack memory or cause a denial of service (buffer
over-read) via crafted EBCDIC ASN.1 data.
Notes
 mdeslaur> only affects EBCDIC systems, not relevant for Ubuntu
Assigned-to
mdeslaur
Package
Upstream:released (1.0.1o, 1.0.2c)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-09-19 15:57:22 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)