]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: abc158b) | patch
openssl: fix CVE-2014-0198
authorMaxin B. John <maxin.john@enea.com>
Mon, 19 May 2014 15:13:04 +0000 (16:13 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Wed, 21 May 2014 08:32:38 +0000 (09:32 +0100)
commit4c58fe468790822fe48e0a570779979c831d0f10
treeefde892bcee04c60bf9d7ea74364f1102c7ac178tree | snapshot
parentabc158bf873bb7c01414e437eea2b538eb73881ccommit | diff
openssl: fix CVE-2014-0198

A null pointer dereference bug was discovered in do_ssl3_write().
An attacker could possibly use this to cause OpenSSL to crash, resulting
in a denial of service.

https://access.redhat.com/security/cve/CVE-2014-0198

Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-connectivity/openssl/openssl-1.0.1e/openssl-CVE-2014-0198-fix.patch [new file with mode: 0644] blob
meta/recipes-connectivity/openssl/openssl_1.0.1e.bb diff | blob | history
Mirror of the official openembedded-core repository