Vulnerability in OpenSSL - Invalid GOST parameters DoS Attack
A malicious TLS client can send an invalid set of GOST parameters which will cause the server to crash due to lack of error checking. This could be used in a denial-of-service attack. Only users of the OpenSSL GOST ENGINE are affected by this bug. Found by Andrey Kulikov...