]> granicus.if.org Git - openssl/commit
projects / openssl / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 09f0692) | patch
Fix for CVE-2015-0291
authorDr. Stephen Henson <steve@openssl.org>
Tue, 3 Mar 2015 13:20:57 +0000 (13:20 +0000)
committerMatt Caswell <matt@openssl.org>
Thu, 19 Mar 2015 13:01:13 +0000 (13:01 +0000)
commit34e3edbf3a10953cb407288101fd56a629af22f9
tree2bef6b1da44e6ac8792d6a9b5bc4a8933c2a17cctree | snapshot
parent09f06923e636019c39c807cb59c481375e720556commit | diff
Fix for CVE-2015-0291

If a client renegotiates using an invalid signature algorithms extension
it will crash a server with a NULL pointer dereference.

Thanks to David Ramos of Stanford University for reporting this bug.

CVE-2015-0291

Reviewed-by: Tim Hudson <tjh@openssl.org>
ssl/t1_lib.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.