https://bugzilla.redhat.com/show_bug.cgi?id=2062202
--- Doc Text *updated* by Nick Tait <ntait(a)redhat.com> ---
A flaw was found in OpenSSL. It is possible to trigger an infinite loop by crafting a
certificate that has invalid elliptic curve parameters. Since certificate parsing happens
before verification of the certificate signature, any process that parses an externally
supplied certificate may be subject to a denial of service attack.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2062202