projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b79e6e3) | patch
Fix for CVE-2014-0195
authorDr. Stephen Henson <steve@openssl.org>
Tue, 13 May 2014 17:48:31 +0000 (18:48 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 3 Jun 2014 15:30:37 +0000 (16:30 +0100)
commitf4e6ed09e48348f4766eb9f03727326ce6c0b1a3
tree97aa6ceb7b5f4f4ea3928b5c0e4cdacee78ada2btree | snapshot
parentb79e6e3a276634582012d531f4150a5fcf84fab3commit | diff
Fix for CVE-2014-0195

A buffer overrun attack can be triggered by sending invalid DTLS fragments
to an OpenSSL DTLS client or server. This is potentially exploitable to
run arbitrary code on a vulnerable client or server.

Fixed by adding consistency check for DTLS fragments.

Thanks to Jüri Aedla for reporting this issue.
ssl/d1_both.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.