]> granicus.if.org Git - openssl/commitdiff
projects / openssl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1050f68)
Add an entry to the CHANGES for the d2i_X509_PUBKEY fix
authorBernd Edlinger <bernd.edlinger@hotmail.de>
Wed, 30 Jan 2019 15:20:31 +0000 (16:20 +0100)
committerBernd Edlinger <bernd.edlinger@hotmail.de>
Fri, 1 Feb 2019 18:41:45 +0000 (19:41 +0100)
The commit 5dc40a83c74be579575a512b30d9c1e0364e6a7b forgot
to add a short description to the CHANGES file.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8144)

CHANGES patch | blob | history

diff --git a/CHANGES b/CHANGES
index 20b1f5c5d4618a3183fea28f24753c3bb5e41da5..a72dabaf39440d7cf70f057e139c9547cca285f1 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -16,6 +16,10 @@
      interoperability with such broken implementations. However, enabling
      this switch breaks interoperability with correct implementations.
 
+  *) Fix a use after free bug in d2i_X509_PUBKEY when overwriting a
+     re-used X509_PUBKEY object if the second PUBKEY is malformed.
+     [Bernd Edlinger]
+
   *) Move strictness check from EVP_PKEY_asn1_new() to EVP_PKEY_asn1_add0().
      [Richard Levitte]
 
Unnamed repository; edit this file 'description' to name the repository.