CVSROOT: /cvs Module name: src Changes by: js...@cvs.openbsd.org 2015/03/02 06:43:09
Modified files:
lib/libssl/src/ssl: t1_lib.c
Log message:
Fix a minor information leak that was introduced in t1_lib.c r1.71, whereby
an additional 28 bytes of .rodata (or .data) is provided to the network. In
most cases this is a non-issue since the memory content is already public.
Issue found and reported by Felix Groebert of the Google Security Team.
ok bcook@ beck@
