diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-01-04 23:03:40 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-01-04 23:03:40 +0000 |
commit | 6bf896d9b1693916d9e8d303f9e3cc04959632b2 (patch) | |
tree | 1691ae92ad84b14781a06654e206e11099bd6238 /CHANGES | |
parent | be71c37296b3ba43c944eaa220ac62413782bad3 (diff) |
Check GOST parameters are not NULL (CVE-2012-0027)
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -261,6 +261,9 @@ *) Add support for SCTP. [Robin Seggelmann <seggelmann@fh-muenster.de>] + *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027) + [Andrey Kulikov <amdeich@gmail.com>] + *) Prevent malformed RFC3779 data triggering an assertion failure. Thanks to Andrew Chi, BBN Technologies, for discovering the flaw and Rob Austein <sra@hactrn.net> for fixing it. (CVE-2011-4577) |