URL : http://openssl.org/news/vulnerabilities.html
CVE-2015-0291: [High severity] 19th March 2015
ClientHello sigalgs DoS. If a client connects to an OpenSSL 1.0.2 server and renegotiates with an invalid signature algorithms extension a NULL pointer dereference will occur. This can be exploited in a DoS attack against the server. (original advisory). Reported by David Ramos (Stanford University).
* 패치된 사항은 여러가지가 있으나, 가장 중요한 내용인듯 합니다.
3월 19일자로 출시된 버전은
openssl-1.0.2a
openssl-1.0.1m
openssl-1.0.0r
openssl-0.9.8zf
입니다.
배포본들은 아직 적용이 안된듯 하네요... 심각하다고 사전경고가 있었으니 하루정도면 올라오지 싶습니다.
댓글 0
번호 | 제목 | 글쓴이 | 날짜 | 조회 수 |
---|---|---|---|---|
10 | Lawful basis for processing personal data under GDPR with Matomo | 관리자 | 2018.04.30 | 595 |
9 | Spatial Reference Systems in MySQL 8.0 | 관리자 | 2018.05.01 | 284 |
8 | How to get the Windows 10 April 2018 Update | 관리자 | 2018.05.01 | 312 |
7 | What’s new in the Windows 10 April 2018 Update | 관리자 | 2018.05.01 | 319 |
6 | What’s new in Microsoft Edge in the Windows 10 April 2018 Update | 관리자 | 2018.05.01 | 294 |
5 | Windows IoT accelerates the intelligent edge with the Windows 10 April 2018 Update | 관리자 | 2018.05.02 | 1437 |
4 | New Twitter app for Windows 10 available from Microsoft Store | 관리자 | 2018.05.02 | 443 |
3 | Geography in MySQL 8.0 | 관리자 | 2018.05.03 | 416 |
2 | Announcing a new name for the UWP Community Toolkit: Windows Community Toolkit | 관리자 | 2018.05.03 | 1184 |
1 | Bringing Screen Capture to Microsoft Edge with the Media Capture API | 관리자 | 2018.05.03 | 867 |