]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 7b2ffd6) | patch
openssl: fix CVE-2014-0198
authorMaxin B. John <maxin.john@enea.com>
Tue, 6 May 2014 00:53:34 +0000 (02:53 +0200)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 8 May 2014 11:56:40 +0000 (12:56 +0100)
commit580033721abbbb4302bc803ebc70c90e331e4587
tree4f08331c75b61889fdecde76c8e4262710a5fc5etree | snapshot
parent7b2ffd68ae8235dcc3ddff9cbe8525e61f3b3d28commit | diff
openssl: fix CVE-2014-0198

A null pointer dereference bug was discovered in do_ssl3_write().
An attacker could possibly use this to cause OpenSSL to crash, resulting
in a denial of service.

https://access.redhat.com/security/cve/CVE-2014-0198

Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
meta/recipes-connectivity/openssl/openssl/openssl-CVE-2014-0198-fix.patch [new file with mode: 0644] blob
meta/recipes-connectivity/openssl/openssl_1.0.1g.bb diff | blob | history
Mirror of the official openembedded-core repository