#
1.2 |
|
04-Jan-2012 |
drochner |
branches: 1.2.2; 1.2.8; 1.2.16; 1.2.20; pull in some patches from upstream CVS, following secadv_20120104.txt: -rev.21964 for DTLS Plaintext Recovery Attack (CVE-2011-4108) -rev.21961 for Uninitialized SSL 3.0 Padding (CVE-2011-4576) -rev.21456+21954 for Malformed RFC 3779 Data Can Cause Assertion Failures (CVE-2011-4577) (rev.21456 is not mentioned in the advisory, but there is code overlap) -rev.21958 for SGC Restart DoS Attack (CVE-2011-4619) -rev.21956 for Invalid GOST parameters DoS Attack (CVE-2012-0027)
|