mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-03-07 19:38:33 +08:00
Code Issues Packages Projects Releases Wiki Activity
8106d61c35
openssl/ssl
History
Matt Caswell e83ee04bb7 Fix Seg fault in DTLSv1_listen 
The DTLSv1_listen function is intended to be stateless and processes
the initial ClientHello from many peers. It is common for user code to
loop over the call to DTLSv1_listen until a valid ClientHello is received
with an associated cookie. A defect in the implementation of DTLSv1_listen
means that state is preserved in the SSL object from one invokation to the
next that can lead to a segmentation fault. Erorrs processing the initial
ClientHello can trigger this scenario. An example of such an error could
be that a DTLS1.0 only client is attempting to connect to a DTLS1.2 only
server.

CVE-2015-0207

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-19 11:11:02 +00:00
..
bio_ssl.c dead code cleanup: #if 0 in ssl 2015-02-06 10:52:12 -05:00
d1_both.c Fix DTLS1_BAD_VER regression 2015-03-09 10:51:57 +00:00
d1_clnt.c dead code cleanup: #if 0 in ssl 2015-02-06 10:52:12 -05:00
d1_lib.c Fix Seg fault in DTLSv1_listen 2015-03-19 11:11:02 +00:00
d1_meth.c
d1_pkt.c Harmonize return values in dtls1_buffer_record 2015-03-10 12:18:18 -07:00
d1_srtp.c dead code cleanup: #if 0 in ssl 2015-02-06 10:52:12 -05:00
d1_srvr.c Remove NETSCAPE_HANG_BUG 2015-02-26 23:27:09 +00:00
dtls1.h Fix d2i_SSL_SESSION for DTLS1_BAD_VER 2015-02-27 20:29:03 +00:00
heartbeat_test.c
install-ssl.com
kssl_lcl.h
kssl.c dead code cleanup: #if 0 in ssl 2015-02-06 10:52:12 -05:00
kssl.h
Makefile
s3_both.c
s3_cbc.c
s3_clnt.c ssl/s3_clnt.c: fix intermittent failures. 2015-03-12 08:54:28 +01:00
s3_enc.c Cleanse buffers 2015-03-11 10:40:44 +00:00
s3_lib.c Remove ssl_cert_inst() 2015-03-15 12:15:08 +01:00
s3_meth.c
s3_pkt.c Multiblock corrupted pointer fix 2015-03-19 11:11:02 +00:00
s3_srvr.c OPENSSL_NO_EC* merge; missed one file 2015-03-15 14:49:15 -04:00
s23_clnt.c dead code cleanup: #if 0 in ssl 2015-02-06 10:52:12 -05:00
s23_lib.c
s23_meth.c
s23_pkt.c
s23_srvr.c dead code cleanup: #if 0 in ssl 2015-02-06 10:52:12 -05:00
srtp.h
ssl2.h
ssl3.h
ssl23.h
ssl_algs.c Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC 2015-03-11 09:29:37 -04:00
ssl_asn1.c Fix d2i_SSL_SESSION for DTLS1_BAD_VER 2015-02-27 20:29:03 +00:00
ssl_cert.c Remove ssl_cert_inst() 2015-03-15 12:15:08 +01:00
ssl_ciph.c Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC 2015-03-11 09:29:37 -04:00
ssl_conf.c Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC 2015-03-11 09:29:37 -04:00
ssl_err2.c
ssl_err.c Remove ssl_cert_inst() 2015-03-15 12:15:08 +01:00
ssl_lib.c Remove ssl_cert_inst() 2015-03-15 12:15:08 +01:00
ssl_locl.h Remove ssl_cert_inst() 2015-03-15 12:15:08 +01:00
ssl_rsa.c Remove ssl_cert_inst() 2015-03-15 12:15:08 +01:00
ssl_sess.c Add SSL_SESSION_get0_ticket API function. 2015-02-10 22:54:27 +00:00
ssl_stat.c
ssl_task.c
ssl_txt.c
ssl_utst.c
ssl-lib.com
ssl.h Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC 2015-03-11 09:29:37 -04:00
ssltest.c ssl/s3_clnt.c: fix intermittent failures. 2015-03-12 08:54:28 +01:00
t1_clnt.c
t1_enc.c Add sanity check to PRF 2015-03-17 13:39:53 +00:00
t1_ext.c
t1_lib.c SSL_check_chain fix 2015-03-12 09:25:32 +00:00
t1_meth.c
t1_reneg.c
t1_srvr.c
t1_trce.c dead code cleanup: #if 0 in ssl 2015-02-06 10:52:12 -05:00
tls1.h Remove experimental 56bit export ciphers 2015-03-01 16:18:16 -05:00
tls_srp.c