CVSROOT: /cvs Module name: src Changes by: [email protected] 2010/12/15 02:44:23
Modified files:
lib/libssl/src/ssl: Tag: OPENBSD_4_7 s3_clnt.c s3_srvr.c
Log message:
Security fix for CVE-2010-4180 as mentioned in
http://www.openssl.org/news/secadv_20101202.txt.
where clients could modify the stored session
cache ciphersuite and in some cases even downgrade the suite to weaker ones.
This code is not enabled by default.
ok djm@
