6 matches found
curl: rustls backend silently ignores CURLOPT_CRLFILE when native CA store is active
Hi all, When the rustls backend is configured to use the OS native CA store --ca-native / CURLSSLOPTNATIVECA, any CRL file supplied via --crlfile / CURLOPTCRLFILE is silently ignored. The option is accepted — CURLEOK from curleasysetopt, exit 0 from the command line — and revoked certificates pas...
GnuPG libksba CRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GnuPG libksba. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of CRL...
Fedora 29 : mosquitto (2019-d99e2329cb)
1.6.7 ===== Broker : - Add workaround for working with libwebsockets 3.2.0. - Fix potential crash when reloading config. Client library : - Don't use / in autogenerated client ids, to avoid confusing with topics. - Fix mosquittomaxinflightmessagesset and mosquittointoption..., MOSQOPTMAX,...
Fedora 31 : mosquitto (2019-4c69fb4cd7)
1.6.7 ===== Broker : - Add workaround for working with libwebsockets 3.2.0. - Fix potential crash when reloading config. Client library : - Don't use / in autogenerated client ids, to avoid confusing with topics. - Fix mosquittomaxinflightmessagesset and mosquittointoption..., MOSQOPTMAX,...
CVE-2011-2633
Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service application crash via vectors involving a Certificate Revocation List CRL file, as demonstrated by the multicert-ca-02.crl file...
CVE-2011-2633
Opera browser contains a vulnerability tracked as CVE-2011-2633 (part of a set of Opera CVEs in 2011) where processing a Certificate Revocation List (CRL) file can cause an application crash resulting in denial of service. The initial entry specifies Opera before 11.11; Gentoo GLSA 201206-03 and ...