Some precautions to avoid potential security-relevant problems.
diff --git a/CHANGES b/CHANGES index f7427dd..b9a6d83 100644 --- a/CHANGES +++ b/CHANGES
@@ -705,6 +705,22 @@ Changes between 0.9.8h and 0.9.8i [xx XXX xxxx] + *) Various precautionary measures: + + - Avoid size_t integer overflow in HASH_UPDATE (md32_common.h). + + - Avoid a buffer overflow in d2i_SSL_SESSION() (ssl_asn1.c). + (NB: This would require knowledge of the secret session ticket key + to exploit, in which case you'd be SOL either way.) + + - Change bn_nist.c so that it will properly handle input BIGNUMs + outside the expected range. + + - Enforce the 'num' check in BN_div() (bn_div.c) for non-BN_DEBUG + builds. + + [Neel Mehta, Bodo Moeller] + *) Add support for Local Machine Keyset attribute in PKCS#12 files. [Steve Henson]
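Review bot: The BN_div() item in the added CHANGES entry ("Enforce the 'num' check in BN_div() (bn_div.c) for non-BN_DEBUG builds") does not say what the check tests or what a caller sees when it fails, so a reader of CHANGES cannot tell whether existing callers are affected; state the condition and the resulting behaviour in the entry. In the d2i_SSL_SESSION() item, the parenthetical "in which case you'd be SOL either way" would be clearer as a plain statement of what an attacker who holds the session ticket key can already do. The four items touch unrelated files (md32_common.h, ssl_asn1.c, bn_nist.c, bn_div.c), so consider giving each its own entry rather than grouping them under "Various precautionary measures", which makes them hard to find when searching by function or file.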