Source-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: src/crypto/external/bsd/openssl/dist/ssl



Module Name:    src
Committed By:   drochner
Date:           Tue Dec  7 09:10:22 UTC 2010

Modified Files:
        src/crypto/external/bsd/openssl/dist/ssl: s3_clnt.c s3_srvr.c

Log Message:
openssl security patch of the day:
Fix a flaw in the OpenSSL SSL/TLS server code where an old bug
workaround allows malicous clients to modify the stored session cache
ciphersuite. In some cases the ciphersuite can be downgraded to a weaker one
on subsequent connections. See
http://www.openssl.org/news/secadv_20101202.txt
(CVE-2010-4180)


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/ssl/s3_clnt.c
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



Home | Main Index | Thread Index | Old Index