> OpenSSL 0.9.7l and 0.9.8d fixed a buffer overflow found in
> the SSL_get_shared_ciphers() function reported by Tavis
> Ormandy and Will Drewry of the Google Security Team.
> Although this fix prevented the unlimited overflow of the
> buffer, it still allowed an off-by-one buffer overflow to
> hap...
> the SSL_get_shared_ciphers() function reported by Tavis
> Ormandy and Will Drewry of the Google Security Team.
> Although this fix prevented the unlimited overflow of the
> buffer, it still allowed an off-by-one buffer overflow to
> hap...
[ more ]