openembedded-core.git - Mirror of openembedded-core

diff options

author	Paul Eggleton <paul.eggleton@linux.intel.com>	2014-06-09 16:51:18 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-06-10 17:10:35 +0100
commit	833920fadd58fe353d27f94f340e3a9f6923afb8 (patch)
tree	648dfd0562d960e56783c617475868c076d6d82f /scripts/lib
parent	d3d6eee3353fcce09e1d6b0181a0ea7b52b7a937 (diff)
download	openembedded-core-833920fadd58fe353d27f94f340e3a9f6923afb8.tar.gz openembedded-core-833920fadd58fe353d27f94f340e3a9f6923afb8.tar.bz2 openembedded-core-833920fadd58fe353d27f94f340e3a9f6923afb8.zip

openssl: fix CVE-2014-0221

http://www.openssl.org/news/secadv_20140605.txt DTLS recursion flaw (CVE-2014-0221) By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack. Only applications using OpenSSL as a DTLS client are affected. (Patch borrowed from Fedora.) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>

Diffstat (limited to 'scripts/lib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: