Skip to content
Snippets Groups Projects
Commit b15f8769 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

ECDH downgrade bug fix.


Fix bug where an OpenSSL client would accept a handshake using an
ephemeral ECDH ciphersuites with the server key exchange message omitted.

Thanks to Karthikeyan Bhargavan for reporting this issue.

CVE-2014-3572
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
parent b5526482
Branches
Tags
No related merge requests found
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment