Introduce limits to prevent malicious keys being able to
cause a denial of service. (CVE-2006-2940) [Steve Henson, Bodo Moeller] Fix ASN.1 parsing of certain invalid structures that can result in a denial of service. (CVE-2006-2937) [Steve Henson] Fix buffer overflow in SSL_get_shared_ciphers() function. (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team] Fix SSL client code which could crash if connecting to a malicious SSLv2 server. (CVE-2006-4343) [Tavis Ormandy and Will Drewry, Google Security Team]
parent
8db3f4ac
Please register or sign in to comment