openssl: fix CVE-2014-0221 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Paul Eggleton <paul.eggleton@linux.intel.com>	2014-06-09 16:51:18 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-06-10 17:12:20 +0100
commit	8386f4203d9d2b45fc5d6af7f16e95ee0f77e87f (patch)
tree	8c7684a1ecfa0c3231276cc47fde3f0408c8bb12 /meta/recipes-connectivity/openssh
parent	b4b50e52d2d421d1091184b39021b4243ddc2065 (diff)
download	poky-8386f4203d9d2b45fc5d6af7f16e95ee0f77e87f.tar.gz

openssl: fix CVE-2014-0221

http://www.openssl.org/news/secadv_20140605.txt DTLS recursion flaw (CVE-2014-0221) By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack. Only applications using OpenSSL as a DTLS client are affected. (Patch borrowed from Fedora.) (From OE-Core rev: 833920fadd58fe353d27f94f340e3a9f6923afb8) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-connectivity/openssh')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: