)]}'
{
  "commit": "4a23b12a031860253b58d503f296377ca076427b",
  "tree": "23f11b15a67618d2cbb459d87dbc6de6ec51bb91",
  "parents": [
    "80bd7b41b30af6ee96f519e629463583318de3b0"
  ],
  "author": {
    "name": "Dr. Stephen Henson",
    "email": "steve@openssl.org",
    "time": "Thu Jul 31 20:56:22 2014 +0100"
  },
  "committer": {
    "name": "Matt Caswell",
    "email": "matt@openssl.org",
    "time": "Wed Aug 06 20:36:41 2014 +0100"
  },
  "message": "Fix SRP buffer overrun vulnerability.\n\nInvalid parameters passed to the SRP code can be overrun an internal\nbuffer. Add sanity check that g, A, B \u003c N to SRP code.\n\nThanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC\nGroup for reporting this issue.\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "18d1bb92da31988b95cc76289fd8ebb3882d93d3",
      "old_mode": 33188,
      "old_path": "crypto/srp/srp_lib.c",
      "new_id": "d2c237e96078e67ebfa21ddddda5bbaf3a5120a4",
      "new_mode": 33188,
      "new_path": "crypto/srp/srp_lib.c"
    }
  ]
}
