projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9eb4460) | patch
Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and
authorDr. Stephen Henson <steve@openssl.org>
Thu, 10 May 2012 15:10:15 +0000 (15:10 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 10 May 2012 15:10:15 +0000 (15:10 +0000)
commitd414a5a0f041af6ef460150b093049ff80921fbf
tree3f038f776c764624347e4bffee2f712516cadb3btree | snapshot
parent9eb4460e68ddbd7ba048349dadec5ae66a9d3756commit | diff
Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and
DTLS to fix DoS attack.

Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
fuzzing as a service testing platform.
(CVE-2012-2333)
CHANGES diff | blob | history
ssl/d1_enc.c diff | blob | history
ssl/t1_enc.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.