Skip to content
GitLab
Commit 1632ef74 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Fix for CVE-2014-0195 

A buffer overrun attack can be triggered by sending invalid DTLS fragments
to an OpenSSL DTLS client or server. This is potentially exploitable to
run arbitrary code on a vulnerable client or server.

Fixed by adding consistency check for DTLS fragments.

Thanks to Jüri Aedla for reporting this issue.
parent f1f4fbde
Hide whitespace changes
Inline Side-by-side
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment