summaryrefslogtreecommitdiff
path: root/scripts/create-pull-request
diff options
context:
space:
mode:
authorPaul Eggleton <paul.eggleton@linux.intel.com>2014-06-09 16:51:16 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2014-06-10 17:10:34 +0100
commit5bcb997663a6bd7a4d7395dcdb5e027d7f2bab81 (patch)
tree967cbd30a6261e32099749e80fee5dd52f4b22ab /scripts/create-pull-request
parent1bd77c28fdb51d1a0dad55c8d1af2991046c801d (diff)
downloadopenembedded-core-5bcb997663a6bd7a4d7395dcdb5e027d7f2bab81.tar.gz
openembedded-core-5bcb997663a6bd7a4d7395dcdb5e027d7f2bab81.tar.bz2
openembedded-core-5bcb997663a6bd7a4d7395dcdb5e027d7f2bab81.zip
openssl: fix CVE-2014-0195
From the OpenSSL Security Advisory [05 Jun 2014] http://www.openssl.org/news/secadv_20140605.txt DTLS invalid fragment vulnerability (CVE-2014-0195) A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server. Only applications using OpenSSL as a DTLS client or server affected. (Patch borrowed from Fedora.) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
Diffstat (limited to 'scripts/create-pull-request')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-11 19:43:05 +0000