Fix overread when verifying SERVER_HELLO in DTLS

commit: 5a87c9375da05c8fefa1e503acdf4dafead1ccaa [log] [tgz]
author: Andres AG <andres.amayagarcia@arm.com> Mon Sep 26 14:53:05 2016 +0100
committer: Andres AG <andres.amayagarcia@arm.com> Wed Sep 28 14:26:57 2016 +0100
tree: d8306eda679cec07d69b93a83ec6de661e0f03c1
parent: 93012e8bce9788244238ab8f93b2544d1d030b89 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 60383a9..ca6f928 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -29,6 +29,8 @@
      a contribution from Tobias Tangemann. #541
    * Fixed cert_app sample program for debug output and for use when no root
      certificates are provided.
+   * Fix potential byte overread when verifying malformed SERVER_HELLO in
+     ssl_parse_hello_verify_request() for DTLS. Found by Guido Vranken.
 
 Changes
    * Extended test coverage of special cases, and added new timing test suite.
commit	5a87c9375da05c8fefa1e503acdf4dafead1ccaa	[log] [tgz]
author	Andres AG <andres.amayagarcia@arm.com>	Mon Sep 26 14:53:05 2016 +0100
committer	Andres AG <andres.amayagarcia@arm.com>	Wed Sep 28 14:26:57 2016 +0100
tree	d8306eda679cec07d69b93a83ec6de661e0f03c1
parent	93012e8bce9788244238ab8f93b2544d1d030b89 [diff] [blame]