On May 17, 2009, at 6:46 PM, Stephen Henson via RT wrote:
[steve - Sat May 16 18:28:06 2009]:
Patch applied to 1.0, HEAD and 0.9.8. Thanks for the report.
Patch reverted on 0.9.8, it breaks compilation. Please supply a
version
for 0.9.8.
The 0.9.8 version:
--- ssl/d1_both.c
[steve - Sat May 16 18:28:06 2009]:
Patch applied to 1.0, HEAD and 0.9.8. Thanks for the report.
Patch reverted on 0.9.8, it breaks compilation. Please supply a version
for 0.9.8.
__
OpenSSL Project
In dtls1_process_out_of_seq_message() the check if the current message
is already buffered was missing. For every new message was memory
allocated, allowing an attacker to perform an denial of service attack
with sending out of seq handshake messages until there is no memory
left.