Google Git
Sign in
flutter/third_party/openssl/4a23b12a031860253b58d503f296377ca076427b
commit
4a23b12a031860253b58d503f296377ca076427b
[log]
author
Dr. Stephen Henson <steve@openssl.org>
Thu Jul 31 20:56:22 2014 +0100
committer
Matt Caswell <matt@openssl.org>
Wed Aug 06 20:36:41 2014 +0100
tree
23f11b15a67618d2cbb459d87dbc6de6ec51bb91
parent
80bd7b41b30af6ee96f519e629463583318de3b0 [diff]
Fix SRP buffer overrun vulnerability.

Invalid parameters passed to the SRP code can be overrun an internal
buffer. Add sanity check that g, A, B < N to SRP code.

Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
Group for reporting this issue.
1 file changed
tree: 23f11b15a67618d2cbb459d87dbc6de6ec51bb91
  1. apps/
  2. bugs/
  3. certs/
  4. crypto/
  5. demos/
  6. doc/
  7. engines/
  8. fips/
  9. include/
  10. ms/
  11. Netware/
  12. os2/
  13. perl/
  14. shlib/
  15. ssl/
  16. test/
  17. times/
  18. tools/
  19. util/
  20. VMS/
  21. .cvsignore
  22. .gitignore
  23. ACKNOWLEDGMENTS
  24. CHANGES
  25. CHANGES.SSLeay
  26. config
  27. Configure
  28. e_os.h
  29. e_os2.h
  30. FAQ
  31. GitConfigure
  32. GitMake
  33. INSTALL
  34. install.com
  35. INSTALL.DJGPP
  36. INSTALL.MacOS
  37. INSTALL.NW
  38. INSTALL.OS2
  39. INSTALL.VMS
  40. INSTALL.W32
  41. INSTALL.W64
  42. INSTALL.WCE
  43. LICENSE
  44. Makefile.fips
  45. Makefile.org
  46. Makefile.shared
  47. makevms.com
  48. NEWS
  49. openssl.doxy
  50. openssl.spec
  51. PROBLEMS
  52. README
  53. README.ASN1
  54. README.ECC
  55. README.ENGINE
  56. README.FIPS
  57. TABLE