diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-02-16 15:26:04 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-02-16 15:26:04 +0000 |
commit | 206310c3056847fef7e657879f05a09763c2131e (patch) | |
tree | a3595ef121ce9592257a5a61bbcbbbda03c4ce79 /CHANGES | |
parent | 5863163732ed5ba89d1aa6536e733d01f4187fce (diff) | |
download | openssl-206310c3056847fef7e657879f05a09763c2131e.tar.gz |
Fix bug in CVE-2011-4619: check we have really received a client hello
before rejecting multiple SGC restarts.
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -548,6 +548,13 @@ Add command line options to s_client/s_server. [Steve Henson] + Changes between 1.0.0g and 1.0.0h [xx XXX xxxx] + + *) Fix CVE-2011-4619: make sure we really are receiving a + client hello before rejecting multiple SGC restarts. Thanks to + Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug. + [Steve Henson] + Changes between 1.0.0f and 1.0.0g [18 Jan 2012] *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. |