ALAS-2015-550 --- openssl
ID: oval:org.secpod.oval:def:1200038 | Date: (C)2015-12-30 (M)2024-02-19 |
Class: PATCH | Family: unix |
LOGJAM: A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in which the attacker is able to decrypt all traffic.

An out-of-bounds read flaw was found in the X509_cmp_time function of OpenSSL, which is used to test the expiry dates of SSL/TLS certificates. An attacker could possibly use a specially-crafted SSL/TLS certificate or CRL, which when parsed by an application would cause that application to crash.

A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially-crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw.

A race condition was found in the session handling code of OpenSSL. An attacker could cause a multi-threaded SSL/TLS server to crash.

A denial of service flaw was found in OpenSSL in the way it verified certain signed messages using CMS. A remote attacker could cause an application using OpenSSL to use excessive amounts of memory by sending a specially-crafted message for verification.

An invalid-free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could send a specially-crafted message to the peer, which could cause the application to crash or potentially cause arbitrary code execution.

A regression was found in the ssleay_rand_bytes function. This could lead a multi-threaded application to crash.
Platform: Amazon Linux AMI |