diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-02-16 15:25:39 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-02-16 15:25:39 +0000 |
commit | a8314df9023e4e1d92c04e09e2afb02c98ed5e2b (patch) | |
tree | b0d794f96d081038d449dec80391c1c80b3af324 /CHANGES | |
parent | 0cd7a0325fa31189d155c2789f1a38cad72d0982 (diff) |
Fix bug in CVE-2011-4619: check we have really received a client hello
before rejecting multiple SGC restarts.
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -285,6 +285,13 @@ Add command line options to s_client/s_server. [Steve Henson] + Changes between 1.0.0g and 1.0.0h [xx XXX xxxx] + + *) Fix CVE-2011-4619: make sure we really are receiving a + client hello before rejecting multiple SGC restarts. Thanks to + Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug. + [Steve Henson] + Changes between 1.0.0f and 1.0.0g [18 Jan 2012] *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. |