projects / oweals / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Various parts of the RSA documentation were inaccurate and out of date and
[oweals/openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index f83ca8c0a099b5ce3ab8e24437b7e43e1b25030c..75b88b66f7411a3ba99c79b368cbc94438878a4a 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1669,6 +1669,12 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
 
  Changes between 0.9.6e and 0.9.6f  [XX xxx XXXX]
 
+  *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
+     and get fix the header length calculation.
+     [Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>,
+       Alon Kantor <alonk@checkpoint.com> (and others),
+       Steve Henson]
+
   *) Use proper error handling instead of 'assertions' in buffer
      overflow checks added in 0.9.6e.  This prevents DoS (the
      assertions could call abort()).
Unnamed repository; edit this file 'description' to name the repository.