| version 1.409, 2014/04/09 20:36:50 |
version 1.410, 2014/04/12 17:39:57 |
|
|
| failure to check the server hostname when connecting to an https |
failure to check the server hostname when connecting to an https |
| website, allowing any trusted CA-signed certificate to impersonate |
website, allowing any trusted CA-signed certificate to impersonate |
| any other website.</a> |
any other website.</a> |
| |
<li><a href="errata55.html#004_openssl">April 12, 2014: |
| |
A use-after-free race condition in OpenSSL's read buffer may permit |
| |
an attacker to inject data from one connection into another.</a> |
| </ul> |
</ul> |
| |
|
| <li><a name="54"></a> |
<li><a name="54"></a> |
|
|
| <li><a href="errata54.html#007_openssl">April 7, 2014: |
<li><a href="errata54.html#007_openssl">April 7, 2014: |
| Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
| heartbeat extension (RFC6520) which can result in a leak of memory contents.</a> |
heartbeat extension (RFC6520) which can result in a leak of memory contents.</a> |
| |
<li><a href="errata54.html#008_openssl">April 12, 2014: |
| |
A use-after-free race condition in OpenSSL's read buffer may permit |
| |
an attacker to inject data from one connection into another.</a> |
| </ul> |
</ul> |
| |
|
| <li><a name="53"></a> |
<li><a name="53"></a> |
|
|
| <li><a href="errata53.html#014_openssl">April 7, 2014: |
<li><a href="errata53.html#014_openssl">April 7, 2014: |
| Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
| heartbeat extension (RFC6520) which can result in a leak of memory contents.</a> |
heartbeat extension (RFC6520) which can result in a leak of memory contents.</a> |
| |
<li><a href="errata54.html#015_openssl">April 12, 2014: |
| |
A use-after-free race condition in OpenSSL's read buffer may permit |
| |
an attacker to inject data from one connection into another.</a> |
| </ul> |
</ul> |
| |
|
| <br><p><b> |
<br><p><b> |
![[BACK]](/icons/back.gif){kind=icon}
Return to security.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www