CVE-2016-2105
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
Date published : 2016-05-04
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html