Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and
possibly other products, allow remote attackers to execute arbitrary code
via (1) the ProcessOldClientHello function in handshake.cpp or (2)
"input_buffer& operator>>" in yassl_imp.cpp.
jdstrand> dapper not affected (yassl not compiled)
Updated: 2016-03-23 03:30:32 UTC (commit 10817)