Skip to content
Commit 09f06923 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson Committed by Matt Caswell
Browse files

Reject invalid PSS parameters.



Fix a bug where invalid PSS parameters are not rejected resulting in a
NULL pointer exception. This can be triggered during certificate
verification so could be a DoS attack against a client or a server
enabling client authentication.

Thanks to Brian Carpenter for reporting this issues.

CVE-2015-0208

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
parent 8106d61c
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment