summaryrefslogtreecommitdiff
path: root/meta/recipes-devtools/python/python-pyrex
diff options
context:
space:
mode:
authorPaul Eggleton <paul.eggleton@linux.intel.com>2014-06-09 16:53:46 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2014-06-10 17:05:53 +0100
commitf19dbbc864b12b0f87248d3199296b41a0dcd5b0 (patch)
tree6cdb574646eb67df1d7f17fa7a91a02c2422647b /meta/recipes-devtools/python/python-pyrex
parent6506f8993c84b966642ef857bb15cf96eada32e8 (diff)
downloadopenembedded-core-f19dbbc864b12b0f87248d3199296b41a0dcd5b0.tar.gz
openembedded-core-f19dbbc864b12b0f87248d3199296b41a0dcd5b0.tar.bz2
openembedded-core-f19dbbc864b12b0f87248d3199296b41a0dcd5b0.zip
openssl: fix CVE-2014-0224
http://www.openssl.org/news/secadv_20140605.txt SSL/TLS MITM vulnerability (CVE-2014-0224) An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server. The attack can only be performed between a vulnerable client *and* server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution. (Patch borrowed from Fedora.) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/python/python-pyrex')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-02 02:17:36 +0000