| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A denial of service flaw was found in the way BIND followed DNS
delegations. A remote attacker could use a specially crafted zone
containing a large number of referrals which, when looked up and
processed, would cause named to use excessive amounts of memory
or crash.
External References:
===================
https://kb.isc.org/article/AA-01216/74/CVE-2014-8500%3A-A-Defect-in-\
Delegation-Handling-Can-Be-Exploited-to-Crash-BIND.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
|
|
|
|
|
|
| |
Fix no-ssl3 configuration option
This patch is a backport from OpenSSL_1.0.1j.
Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com>
|
|
|
|
|
|
|
|
| |
Fix for session tickets memory leak.
This patch is a backport from OpenSSL_1.0.1j.
Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com>
|
|
|
|
|
|
|
|
| |
Fix for SRTP Memory Leak
This patch is a backport from OpenSSL_1.0.1j.
Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com>
|
|
|
|
|
|
|
|
| |
OpenSSL_1.0.1 SSLV3 POODLE VULNERABILITY (CVE2014-3566)
This patch is a backport from OpenSSL_1.0.1j.
Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
1) DTLS invalid fragment vulnerability (CVE-2014-0195)
2) DTLS recursion flaw (CVE-2014-0221)
3) SSL/TLS MITM vulnerability (CVE-2014-0224)
4) Anonymous ECDH denial of service (CVE-2014-3470)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Maxin B. John <maxin.john@enea.com>
|
|
Migrated from the internal git server on the daisy-enea branch
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|