compat-openssl097gSecurity update for compat-openssl097gSecurity update for compat-openssl097gA buffer overflow condition within the
SSL_get_shared_ciphers() function and a DoS condition known
as "parasitic public keys" have been fixed. The later
problem allowed attackers to trick the OpenSSL engine to
spend an extraordinary amount of time to process public
keys. The following CAN numbers have been assigned:
CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-4339
and CVE-2006-4343.
A buffer overflow condition within the
SSL_get_shared_ciphers() function and a DoS condition known
as "parasitic public keys" have been fixed. The later
problem allowed attackers to trick the OpenSSL engine to
spend an extraordinary amount of time to process public
keys. The following CAN numbers have been assigned:
CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-4339
and CVE-2006-4343.
securitycompat-openssl097gi586d2fcbd0f9d214fa8f7d2076e09439138c065d309