projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f1f4fbd) | patch
Fix for CVE-2014-0195
authorDr. Stephen Henson <steve@openssl.org>
Tue, 13 May 2014 17:48:31 +0000 (18:48 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 5 Jun 2014 08:04:27 +0000 (09:04 +0100)
commit1632ef744872edc2aa2a53d487d3e79c965a4ad3
treef270b635ac06b1f4689d8634d064b200b0025560tree | snapshot
parentf1f4fbde2ad48bd6cd61c2d054c4efcd9dcc73e6commit | diff
Fix for CVE-2014-0195

A buffer overrun attack can be triggered by sending invalid DTLS fragments
to an OpenSSL DTLS client or server. This is potentially exploitable to
run arbitrary code on a vulnerable client or server.

Fixed by adding consistency check for DTLS fragments.

Thanks to Jüri Aedla for reporting this issue.
ssl/d1_both.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.