Skip to content
Commit 76343947 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson Committed by Matt Caswell
Browse files

Fix for CVE-2015-0291



If a client renegotiates using an invalid signature algorithms extension
it will crash a server with a NULL pointer dereference.

Thanks to David Ramos of Stanford University for reporting this bug.

CVE-2015-0291

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>

Conflicts:
	ssl/t1_lib.c
parent 4b22cce3
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment