Revision 802a070bb6452dd9df49e550e0f3b16777e5232b authored by Dr. Stephen Henson on 24 October 2014, 11:30:33 UTC, committed by Dr. Stephen Henson on 05 January 2015, 23:52:28 UTC
Fix bug where an OpenSSL client would accept a handshake using an ephemeral ECDH ciphersuites with the server key exchange message omitted. Thanks to Karthikeyan Bhargavan for reporting this issue. CVE-2014-3572 Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit b15f8769644b00ef7283521593360b7b2135cb63) Conflicts: CHANGES
1 parent 31c65a7
| File | Mode | Size |
|---|---|---|
| HOWTO | ||
| apps | ||
| crypto | ||
| ssl | ||
| README | -rw-r--r-- | 598 bytes |
| c-indentation.el | -rw-r--r-- | 1.6 KB |
| fingerprints.txt | -rw-r--r-- | 2.8 KB |
| openssl-shared.txt | -rw-r--r-- | 1.5 KB |
| openssl.txt | -rw-r--r-- | 45.6 KB |
| openssl_button.gif | -rw-r--r-- | 2.0 KB |
| openssl_button.html | -rw-r--r-- | 239 bytes |
| ssleay.txt | -rw-r--r-- | 276.5 KB |
| standards.txt | -rw-r--r-- | 11.8 KB |
Computing file changes ...
