[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
bernd.edlinger at hotmail.de
bernd.edlinger at hotmail.de
Sat Feb 2 07:09:38 UTC 2019
The branch OpenSSL_1_1_1-stable has been updated
via 63b596e38df603c983da188c6ace3e335a116730 (commit)
from 243ff51cc6757ab56cda4a7f69fbdcddf81141b6 (commit)
- Log -----------------------------------------------------------------
commit 63b596e38df603c983da188c6ace3e335a116730
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date: Wed Jan 30 16:20:31 2019 +0100
Add an entry to the CHANGES for the d2i_X509_PUBKEY fix
The commit 5dc40a83c74be579575a512b30d9c1e0364e6a7b forgot
to add a short description to the CHANGES file.
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8144)
(cherry picked from commit b2aea0e3d9a15e30ebce8b6da213df4a3f346155)
-----------------------------------------------------------------------
Summary of changes:
CHANGES | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/CHANGES b/CHANGES
index 261299d..81e3f84 100644
--- a/CHANGES
+++ b/CHANGES
@@ -16,6 +16,10 @@
interoperability with such broken implementations. However, enabling
this switch breaks interoperability with correct implementations.
+ *) Fix a use after free bug in d2i_X509_PUBKEY when overwriting a
+ re-used X509_PUBKEY object if the second PUBKEY is malformed.
+ [Bernd Edlinger]
+
*) Move strictness check from EVP_PKEY_asn1_new() to EVP_PKEY_asn1_add0().
[Richard Levitte]
More information about the openssl-commits
mailing list