| version 1.16, 2009/01/30 23:18:03 |
version 1.17, 2009/01/31 15:11:25 |
|
|
| <li><a name="007_openssl"></a> |
<li><a name="007_openssl"></a> |
| <font color="#009000"><strong>007: SECURITY FIX: January 9, 2009</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>007: SECURITY FIX: January 9, 2009</strong></font> <i>All architectures</i><br> |
| The OpenSSL libraries did not correctly check the return value from |
The OpenSSL libraries did not correctly check the return value from |
| certain verifiction functions, allowing validation to be bypassed and |
certain verification functions, allowing validation to be bypassed and |
| permitting a remote attacker to conduct a "man in the middle attack" |
permitting a remote attacker to conduct a "man in the middle attack" |
| against SSL/TLS connections if the server is configured with a DSA or ECDSA |
against SSL/TLS connections if the server is configured with a DSA or ECDSA |
| certificate. |
certificate. |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata43.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www