Google Git
Sign in
flutter / third_party / openssl / 80bd7b41b30af6ee96f519e629463583318de3b0
commit80bd7b41b30af6ee96f519e629463583318de3b0[log] [tgz]
authorDr. Stephen Henson <steve@openssl.org>Fri Jul 25 00:50:06 2014 +0100
committerMatt Caswell <matt@openssl.org>Wed Aug 06 20:36:41 2014 +0100
tree827671d277fa089328058964009069671ead5157
parentfb0bc2b273bcc2d5401dd883fe869af4fc74bb21 [diff]
Fix SRP ciphersuite DoS vulnerability.

If a client attempted to use an SRP ciphersuite and it had not been
set up correctly it would crash with a null pointer read. A malicious
server could exploit this in a DoS attack.

Thanks to Joonas Kuorilehto and Riku Hietamäki from Codenomicon
for reporting this issue.

CVE-2014-2970
Reviewed-by: Tim Hudson <tjh@openssl.org>
1 file changed
tree: 827671d277fa089328058964009069671ead5157
  1. apps/
  2. bugs/
  3. certs/
  4. crypto/
  5. demos/
  6. doc/
  7. engines/
  8. fips/
  9. include/
  10. ms/
  11. Netware/
  12. os2/
  13. perl/
  14. shlib/
  15. ssl/
  16. test/
  17. times/
  18. tools/
  19. util/
  20. VMS/
  21. .cvsignore
  22. .gitignore
  23. ACKNOWLEDGMENTS
  24. CHANGES
  25. CHANGES.SSLeay
  26. config
  27. Configure
  28. e_os.h
  29. e_os2.h
  30. FAQ
  31. GitConfigure
  32. GitMake
  33. INSTALL
  34. install.com
  35. INSTALL.DJGPP
  36. INSTALL.MacOS
  37. INSTALL.NW
  38. INSTALL.OS2
  39. INSTALL.VMS
  40. INSTALL.W32
  41. INSTALL.W64
  42. INSTALL.WCE
  43. LICENSE
  44. Makefile.fips
  45. Makefile.org
  46. Makefile.shared
  47. makevms.com
  48. NEWS
  49. openssl.doxy
  50. openssl.spec
  51. PROBLEMS
  52. README
  53. README.ASN1
  54. README.ECC
  55. README.ENGINE
  56. README.FIPS
  57. TABLE