fix a bug in ssl_next_proto_validate (ssl/t1_lib.c) [GitHub PR #506]

Kazuki Yamaguchi k at rhe.jp
Sat Dec 12 16:11:40 UTC 2015


By commit 50932c4af2fdd1da01203e9fabe176f9c106882b, 
ssl_next_proto_validate (in ssl/t1_lib.c) is not validating the length 
of each advertised protocol name.

GitHub Pull Request: https://github.com/openssl/openssl/pull/506

-- 
Kazuki Yamaguchi <k at rhe.jp>



More information about the openssl-bugs-mod mailing list