CVE-2012-0027

Priority
Medium
Description
The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid
parameters for the GOST block cipher, which allows remote attackers to
cause a denial of service (daemon crash) via crafted data from a TLS
client.
References
Notes
 sbeattie> GOST is not in openssl 0.9.8
Assigned-to
sbeattie
Package
Upstream:released (0.9.8s)
Package
Upstream:released (0.9.8s,1.0.0f)
Patches:
Upstream:http://cvs.openssl.org/chngview?cn=21925
More Information

Updated: 2017-12-15 20:29:39 UTC (commit 13913)