- edited description
[OpenSSL-1.0.2] CVE-2020-1968 - Raccoon Attack
detailed info:
https://www.openssl.org/news/secadv/20200909.txt
fix:
https://github.com/openssl/openssl/commit/c66ce5eb23f7611bd2822650d6ffeacbe0671072
https://github.com/openssl/openssl/commit/bc71f91064a3eec10310fa4cc14fe2a3fd9bc7bb
https://github.com/openssl/openssl/commit/7b6434ae035262991adf140365b69119499b5a7c
Comments (4)
-
reporter -
reporter - edited description
-
reporter - edited description
-
reporter BUGFIX: Issue
#196- CVE-2020-1968 - Raccoon Attackdetailed info: https://www.openssl.org/news/secadv/20200909.txt
cherry-picked from OpenSSL_1_1_1-stable branch with some modification by me: https://github.com/openssl/openssl/commit/bc71f91064a3eec10310fa4cc14fe2a3fd9bc7bb https://github.com/openssl/openssl/commit/7b6434ae035262991adf140365b69119499b5a7c
Remove fixed DH ciphersuites.
Remove all fixed DH ciphersuites and associated logic.
Reviewed-by: Matt Caswell matt@openssl.org
(cherry-picked from commit bc71f91064a3eec10310fa4cc14fe2a3fd9bc7bb)
Stop using unimplemented cipher classes. Add comments to no longer usable ciphers.
Reviewed-by: Rich Salz rsalz@openssl.org (Merged from https://github.com/openssl/openssl/pull/5023)
(cherry picked from commit 7b6434ae035262991adf140365b69119499b5a7c)
→ <<cset a874fa3b6e90>>
- Log in to comment