Skip to content
GitLab
Commit b15f8769 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

ECDH downgrade bug fix. 



Fix bug where an OpenSSL client would accept a handshake using an
ephemeral ECDH ciphersuites with the server key exchange message omitted.

Thanks to Karthikeyan Bhargavan for reporting this issue.

CVE-2014-3572
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
parent b5526482
Hide whitespace changes
Inline Side-by-side
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment