]> git.ipfire.org Git - thirdparty/openvpn.git/commit
projects / thirdparty / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f2e4008) | patch
Require polarssl >= 1.2.10 for polarssl-builds, which fixes CVE-2013-5915.
authorSteffan Karger <steffan.karger@fox-it.com>
Tue, 22 Oct 2013 12:45:17 +0000 (14:45 +0200)
committerGert Doering <gert@greenie.muc.de>
Thu, 24 Oct 2013 11:40:55 +0000 (13:40 +0200)
commit92d21e3fed33aad966b7b0ca6568e0cda8c7a8b5
treeacb7c09b2c728af3ad996c2e4d4413a59960dad1tree | snapshot
parentf2e40082349098d3c22981bf1e6d305826f1173fcommit | diff
Require polarssl >= 1.2.10 for polarssl-builds, which fixes CVE-2013-5915.

PolarSSL 1.2.9 fixes a possible timing attack in PolarSSL's RSA-CRT
implementation. See CVE-2013-5915 for details. This commit bumps the
minimum polarssl version required by configure.ac to 1.2.10, because 1.2.9
also introduced a memory leak, which is fixed in 1.2.10.

Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1382445917-2974-1-git-send-email-steffan.karger@fox-it.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/7925
Signed-off-by: Gert Doering <gert@greenie.muc.de>
configure.ac diff | blob | blame | history
Mirror of https://github.com/OpenVPN/openvpn.git