[Fdo-trac] [fdo-trac] #886: Upgrade FDO use of OpenSSL to version 1.0.1g from 1.0.1e.
FDO
trac_fdo at osgeo.org
Wed Apr 9 13:36:49 PDT 2014
#886: Upgrade FDO use of OpenSSL to version 1.0.1g from 1.0.1e.
-------------------------+--------------------------------------------------
Reporter: gregboone | Owner: gregboone
Type: defect | Status: new
Priority: critical | Milestone: 3.8.0
Component: FDO API | Version: 3.8.0
Severity: 1 | Keywords:
External_id: |
-------------------------+--------------------------------------------------
Upgrade FDO use of OpenSSL to version 1.0.1g from 1.0.1e.
A missing bounds check in the handling of the TLS heartbeat extension can
be
used to reveal up to 64k of memory to a connected client or server.
https://www.openssl.org/news/secadv_20140407.txt
--
Ticket URL: <http://trac.osgeo.org/fdo/ticket/886>
FDO <http://fdo.osgeo.org/>
Feature Data Objects
More information about the fdo-trac
mailing list