Fix length checking for AEAD ciphersuites

commit: 5bad6afd8c72b2c3a6574dff01ca5f8f2f04800a [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Tue Jul 08 17:51:29 2014 +0200
committer: Paul Bakker <p.j.bakker@polarssl.org> Tue Jul 08 18:28:54 2014 +0200
tree: 29fc5affafb7f49a3a6e7a16d2318e2f740e1d1a
parent: 312da33ef121dcbaad3dee049f7b34243aead792 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 83613b9..a174aeb 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -23,6 +23,9 @@
    * Forbid sequence number wrapping
    * Prevent potential NULL pointer dereference in ssl_read_record() (found by
      TrustInSoft)
+   * Fix length checking for AEAD ciphersuites (found by Codenomicon).
+     It was possible to crash the server (and client) using crafted messages
+     when a GCM suite was chosen.
 
 Bugfix
    * Fixed X.509 hostname comparison (with non-regular characters)
commit	5bad6afd8c72b2c3a6574dff01ca5f8f2f04800a	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Tue Jul 08 17:51:29 2014 +0200
committer	Paul Bakker <p.j.bakker@polarssl.org>	Tue Jul 08 18:28:54 2014 +0200
tree	29fc5affafb7f49a3a6e7a16d2318e2f740e1d1a
parent	312da33ef121dcbaad3dee049f7b34243aead792 [diff] [blame]