sdkp3-openssl

Security update for OpenSSL

Specially crafted responses from SSL servers could cause a double-free bug in openssl's client implementation. Malicious servers could exploit that to crash programs use openssl for the SSL connection (CVE-2010-2939). This has been fixed. Security Issue reference: * CVE-2010-2939 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939> security openssl-doc x86_64 8a7b9bbdddb55603a1fa836eebaa99ed9c9e652f