diff options
author | simon <simon@FreeBSD.org> | 2011-02-12 21:30:46 +0000 |
---|---|---|
committer | simon <simon@FreeBSD.org> | 2011-02-12 21:30:46 +0000 |
commit | 4fe7a7870a6da7d72489d152af4b1a951eb50ae4 (patch) | |
tree | 0bf16de41217d6ad2b793bfe2266614f63f33c66 /bin/sh/arith_yacc.c | |
parent | 94b652028c56eead69d9411ef7e8179bfba9c5f2 (diff) | |
download | FreeBSD-src-4fe7a7870a6da7d72489d152af4b1a951eb50ae4.zip FreeBSD-src-4fe7a7870a6da7d72489d152af4b1a951eb50ae4.tar.gz |
Fix Incorrectly formatted ClientHello SSL/TLS handshake messages could
cause OpenSSL to parse past the end of the message.
Note: Applications are only affected if they act as a server and call
SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX. This includes
Apache httpd >= 2.3.3, if configured with "SSLUseStapling On".
Security: http://www.openssl.org/news/secadv_20110208.txt
Security: CVE-2011-0014
Obtained from: OpenSSL CVS
Diffstat (limited to 'bin/sh/arith_yacc.c')
0 files changed, 0 insertions, 0 deletions