mirror of
https://git.yoctoproject.org/poky
synced 2026-06-03 21:52:38 +02:00
d3bc30f75b
From the OpenSSL Security Advisory [05 Jun 2014] http://www.openssl.org/news/secadv_20140605.txt DTLS recursion flaw (CVE-2014-0221) By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack. Only applications using OpenSSL as a DTLS client are affected. (Patch borrowed from Fedora.) (From OE-Core rev: 2a9e46a319d32e99266fd44e1ea1ca2b5e7c9a6a) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>