Opened 10 years ago
Closed 5 years ago
#886 closed defect (fixed)
Upgrade FDO use of OpenSSL to version 1.0.1g from 1.0.1e.
| Reported by: | gregboone | Owned by: | gregboone |
|---|---|---|---|
| Priority: | critical | Milestone: | 3.9.0 |
| Component: | FDO API | Version: | 3.9.0 |
| Severity: | 1 | Keywords: | |
| Cc: | External ID: |
Description
Upgrade FDO use of OpenSSL to version 1.0.1g from 1.0.1e.
A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server.
Change History (3)
comment:1 by , 10 years ago
| Milestone: | 3.8.0 → 3.9.0 |
|---|
comment:2 by , 10 years ago
| Version: | 3.8.0 → 3.9.0 |
|---|
comment:3 by , 5 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
