artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1bb265c) | patch
Avoid a potential out-of-bounds read in X509_cmp_time(), due to missing
authorjsing <jsing@openbsd.org>
Thu, 11 Jun 2015 15:58:53 +0000 (15:58 +0000)
committerjsing <jsing@openbsd.org>
Thu, 11 Jun 2015 15:58:53 +0000 (15:58 +0000)
commit180ed961878e77e03f79cee2178ec4de6d32b9fe
treeda2582dd003a0eef9d6bc8770cb7d4ec74055e75tree | snapshot
parent1bb265c6dc8ae140ac96aacb27c882cafd49dd4acommit | diff
Avoid a potential out-of-bounds read in X509_cmp_time(), due to missing
length checks.

Diff based on changes in OpenSSL.

Fixes CVE-2015-1789.

ok doug@
lib/libcrypto/x509/x509_vfy.c diff | blob | history
lib/libssl/src/crypto/x509/x509_vfy.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim