CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
Import DTLS security fix from upstream OpenSSL_0_9_8-stable branch.
author simon <simon@FreeBSD.org>
Thu, 18 Oct 2007 20:19:33 +0000 (20:19 +0000)
committer simon <simon@FreeBSD.org>
Thu, 18 Oct 2007 20:19:33 +0000 (20:19 +0000)
commit 8f21bfc1756ff75fb4caf97e5c9612a4d7106243
tree 18668034f47decf1b245c279a6825a76c0eb0425
parent 8e9898839e1cab4cb5affa37125bb12602040d78
Import DTLS security fix from upstream OpenSSL_0_9_8-stable branch.

From the OpenSSL advisory:

Andy Polyakov discovered a flaw in OpenSSL's DTLS
implementation which could lead to the compromise of clients
and servers with DTLS enabled.

DTLS is a datagram variant of TLS specified in RFC 4347 first
supported in OpenSSL version 0.9.8. Note that the
vulnerabilities do not affect SSL and TLS so only clients and
servers explicitly using DTLS are affected.

We believe this flaw will permit remote code execution.

Security: CVE-2007-4995
Security: http://www.openssl.org/news/secadv_20071012.txt
crypto/openssl/ssl/d1_both.c
crypto/openssl/ssl/dtls1.h
crypto/openssl/ssl/ssl.h
crypto/openssl/ssl/ssl_err.c