]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4b258e7) | patch
Fix for CVE-2014-0195
authorDr. Stephen Henson <steve@openssl.org>
Tue, 13 May 2014 17:48:31 +0000 (18:48 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 3 Jun 2014 15:30:23 +0000 (16:30 +0100)
commit82ba68c42d6a9cf245afa489471005b2a0377c10
tree7fef2a3e022996c77ae6b10d7d009f50ab7432d8tree | snapshot
parent4b258e73ae0da0f1a7ff3eb9840b6978711c2400commit | diff
Fix for CVE-2014-0195

A buffer overrun attack can be triggered by sending invalid DTLS fragments
to an OpenSSL DTLS client or server. This is potentially exploitable to
run arbitrary code on a vulnerable client or server.

Fixed by adding consistency check for DTLS fragments.

Thanks to Jüri Aedla for reporting this issue.
ssl/d1_both.c diff | blob | blame | history
A mirror of the official openssl repository