Wind River Support Network

HomeDefectsLIN6-6575

Fixed

LIN6-6575 : Security Advisory - openssl - CVE-2013-4353

Created: Jan 15, 2014 Updated: Dec 3, 2018

Resolved Date: Jan 17, 2014

Found In Version: 6.0.0.3

Fix Version: 6.0.0.3

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4353

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38