artulab.com Git - openbsd/commit

author	tb <tb@openbsd.org>
	Thu, 18 Feb 2021 19:12:29 +0000 (19:12 +0000)
committer	tb <tb@openbsd.org>
	Thu, 18 Feb 2021 19:12:29 +0000 (19:12 +0000)
commit	885969450102e2201056743ce572cf8e5180b3f1
tree	69bab33f4db19d32702c5834809471214a14fe2d	tree \| snapshot
parent	bd694fdc92c3679f2f75b304162387822064c866	commit \| diff

Pull in fix for EVP_CipherUpdate() overflow from OpenSSL.

ok inoguchi

commit 6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1
Author: Matt Caswell <matt@openssl.org>
Date:   Tue Feb 2 17:17:23 2021 +0000

    Don't overflow the output length in EVP_CipherUpdate calls

    CVE-2021-23840

Reviewed-by: Paul Dale <pauli@openssl.org>

lib/libcrypto/evp/evp_enc.c

diff | blob | history

OpenBSD src

RSS Atom

by Ahmet Artu Yildirim