kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
112 Commits 12 Branches 0 Tags 38 MiB
C 43.1%
C++ 23.5%
Go 13.6%
Raku 10.8%
Perl 4%
Other 4.9%
bed2214b3e
Go to file
Adam Langley bed2214b3e Fix for CVE-2014-0195 
A buffer overrun attack can be triggered by sending invalid DTLS fragments
to an OpenSSL DTLS client or server. This is potentially exploitable to
run arbitrary code on a vulnerable client or server.

Fixed by adding consistency check for DTLS fragments.

Thanks to Jüri Aedla for reporting this issue.

(Imported from upstream's eb6508d50c9a314b88ac155bd378cbd79a117c92)
2014-06-20 13:17:41 -07:00
crypto Set default global mask to UTF8 only. 2014-06-20 13:17:41 -07:00
doc Inital import. 2014-06-20 13:17:32 -07:00
include/openssl ChaCha20-Poly1305 support. 2014-06-20 13:17:35 -07:00
ssl Fix for CVE-2014-0195 2014-06-20 13:17:41 -07:00
tool Add client functionality to helper tool. 2014-06-20 13:17:37 -07:00
util Unit/regression test for TLS heartbeats. 2014-06-20 13:17:40 -07:00
.clang-format Inital import. 2014-06-20 13:17:32 -07:00
.gitignore Inital import. 2014-06-20 13:17:32 -07:00
BUGS Inital import. 2014-06-20 13:17:32 -07:00
BUILDING Inital import. 2014-06-20 13:17:32 -07:00
CMakeLists.txt Inital import. 2014-06-20 13:17:32 -07:00