CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2014/02/27 14:04:57
Modified files:
lib/libssl/src/ssl: d1_both.c s3_both.c s3_lib.c s3_pkt.c
ssl_locl.h t1_enc.c
Log message:
SECURITY fixes backported from openssl-1.0.1f. ok mikeb@
CVE-2013-4353 NULL pointer dereference with crafted Next Protocol
Negotiation record in TLS handshake.
Upstream: 197e0ea
CVE-2013-6449 Fix crash with crafted traffic from a TLS 1.2 client.
Upstream: ca98926, 0294b2b
CVE-2013-6450 Fix DTLS retransmission from previous session.
Upstream: 3462896
