]> git.ipfire.org Git - people/teissler/ipfire-2.x.git/commit
projects / people / teissler / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6666803) | patch
openssl: security update to 0.9.8x (CVE-2012-2333).
authorArne Fitzenreiter <arne_f@ipfire.org>
Sat, 12 May 2012 13:30:38 +0000 (15:30 +0200)
committerArne Fitzenreiter <arne_f@ipfire.org>
Sat, 12 May 2012 13:30:38 +0000 (15:30 +0200)
commit423d77a71fd48916b88b39d5554b37bd5743f453
treeb1fb16746bbad12d314e4f33a964dc807372a933tree | snapshot
parent6666803d83db59c429976e75d931dea0af19a81ccommit | diff
openssl: security update to 0.9.8x (CVE-2012-2333).

Invalid TLS/DTLS record attack (CVE-2012-2333)
===============================================

A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1, 1.2 and
DTLS can be exploited in a denial of service attack on both clients and
servers.

DTLS applications are affected in all versions of OpenSSL. TLS is only
affected in OpenSSL 1.0.1 and later.

Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing
as a service testing platform.

The fix was developed by Stephen Henson of the OpenSSL core team.

Affected users should upgrade to OpenSSL 1.0.1c, 1.0.0j or 0.9.8x

References
==========

URL for this Security Advisory:
http://www.openssl.org/news/secadv_20120510.txt
lfs/openssl diff | blob | blame | history
Timo's tree of IPFire 2.x