projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7388b43) | patch
Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and
authorDr. Stephen Henson <steve@openssl.org>
Thu, 10 May 2012 16:03:52 +0000 (16:03 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 10 May 2012 16:03:52 +0000 (16:03 +0000)
commitc46ecc3a55bcbbe4ff31da3864d015e343b0189f
tree9596e19677fc82e9605006d8f35320bfd32ec52dtree | snapshot
parent7388b43cae035484036f5dc46c231ce6282a1367commit | diff
Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and
DTLS to fix DoS attack.

Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
fuzzing as a service testing platform.
(CVE-2012-2333)
CHANGES diff | blob | history
ssl/d1_enc.c diff | blob | history
ssl/t1_enc.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.