[Midnightbsd-cvs] src: /src: A double free exists in the SSL client ECDH handling code,
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Tue Nov 30 09:03:19 EST 2010
Log Message:
-----------
A double free exists in the SSL client ECDH handling code, when
processing specially crafted public keys with invalid prime
numbers. [CVE-2010-2939]
Tags:
----
RELENG_0_3
Modified Files:
--------------
src:
UPDATING (r1.94.2.4 -> r1.94.2.5)
(http://cvsweb.midnightbsd.org/src/UPDATING?r1=1.94.2.4&r2=1.94.2.5)
src/crypto/openssl/ssl:
s3_clnt.c (r1.2 -> r1.2.2.1)
(http://cvsweb.midnightbsd.org/src/crypto/openssl/ssl/s3_clnt.c?r1=1.2&r2=1.2.2.1)
More information about the Midnightbsd-cvs
mailing list