projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cbb92df) | patch
Fix buffer overflow in SSL_get_shared_ciphers() function.
authorMark J. Cox <mark@openssl.org>
Thu, 28 Sep 2006 13:18:43 +0000 (13:18 +0000)
committerMark J. Cox <mark@openssl.org>
Thu, 28 Sep 2006 13:18:43 +0000 (13:18 +0000)
commit3ff55e9680cc99f330f25e48cd1422e3459c02de
tree1d0ec06ac2e93bcd761869294c1e21b682dce4a6tree | snapshot
parentcbb92dfaf0ec4e4bc91e729c69847f56d40d8302commit | diff
Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
 malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
CHANGES diff | blob | history
ssl/s2_clnt.c diff | blob | history
ssl/s3_srvr.c diff | blob | history
ssl/ssl_lib.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.