Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Register
  • Sign in
  • aports aports
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Graph
    • Compare
  • Issues 662
    • Issues 662
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 309
    • Merge requests 309
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Releases
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • alpinealpine
  • aportsaports
  • Issues
  • #936
Closed
Open
Issue created Jan 19, 2012 by Natanael Copa@ncopaOwner

openssl < 1.0.0.g: DTLS DoS attack (v2.3)

OpenSSL Security Advisory [18 Jan 2011]

DTLS DoS attack (CVE-2012-0050)

A flaw in the fix to CVE-2011-4108 can be exploited in a denial of
service attack. Only DTLS applications using OpenSSL 1.0.0f and
0.9.8s are affected.

Thanks to Antonio Martin, Enterprise Secure Access Research and
Development, Cisco Systems, Inc. for discovering this bug and
preparing a fix.

Affected users should upgrade to OpenSSL 1.0.0g or 0.9.8t.

References

URL for this Security Advisory:
http://www.openssl.org/news/secadv\_20120118.txt

(from redmine: issue id 936, created on 2012-01-19, closed on 2012-01-29)

  • Relations:
    • relates #935 (closed)
  • Changesets:
    • Revision 4c902cc8 by Natanael Copa on 2012-01-19T07:12:38Z:
main/openssl: security upgrade to 1.0.0g (CVE-2012-0050)

fixes #936
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking