Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 22 Apr 2009 14:07:14 +0000 (UTC)
From:      Colin Percival <cperciva@FreeBSD.org>
To:        cvs-src-old@freebsd.org
Subject:   cvs commit: src/crypto/openssl/crypto/asn1 asn1.h asn1_err.c tasn_dec.c
Message-ID:  <200904221407.n3ME7ena043564@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help
cperciva    2009-04-22 14:07:14 UTC

  FreeBSD src repository

  Modified files:
    crypto/openssl/crypto/asn1 asn1.h asn1_err.c tasn_dec.c 
  Log:
  SVN rev 191381 on 2009-04-22 14:07:14Z by cperciva
  
  Don't leak information via uninitialized space in db(3) records. [09:07]
  
  Sanity-check string lengths in order to stop OpenSSL crashing
  when printing corrupt BMPString or UniversalString objects. [09:08]
  
  Security:       FreeBSD-SA-09:07.libc
  Security:       FreeBSD-SA-09:08.openssl
  Security:       CVE-2009-0590
  Approved by:    re (kensmith)
  Approved by:    so (cperciva)
  
  Revision  Changes    Path
  1.3       +2 -0      src/crypto/openssl/crypto/asn1/asn1.h
  1.2       +220 -251  src/crypto/openssl/crypto/asn1/asn1_err.c
  1.2       +753 -377  src/crypto/openssl/crypto/asn1/tasn_dec.c



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200904221407.n3ME7ena043564>