Skip to content
  1. Jun 05, 2014
    • Dr. Stephen Henson's avatar
      Fix CVE-2014-0221 · b4322e1d
      Dr. Stephen Henson authored
      Unnecessary recursion when receiving a DTLS hello request can be used to
      crash a DTLS client. Fixed by handling DTLS hello request without recursion.
      
      Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue.
      (cherry picked from commit d3152655d5319ce883c8e3ac4b99f8de4c59d846)
      b4322e1d
    • Dr. Stephen Henson's avatar
      Fix CVE-2014-3470 · a5362db4
      Dr. Stephen Henson authored
      Check session_cert is not NULL before dereferencing it.
      (cherry picked from commit 8011cd56)
      a5362db4
  2. Jun 04, 2014
  3. Jun 03, 2014
  4. Jun 02, 2014
  5. Jun 01, 2014