git: DragonFly_RELEASE_5_8 libressl: fix CVE-2020-1971
Daniel Fojt
deef at crater.dragonflybsd.org
Fri Dec 11 01:59:08 PST 2020
commit b6b1b27b903dd02b59156058defc4804eda88f0c
Author: Daniel Fojt <df at neosystem.org>
Date: Thu Dec 10 23:36:45 2020 +0100
libressl: fix CVE-2020-1971
Malformed ASN.1 in a certificate revocation list or a timestamp
response token can lead to a NULL pointer dereference.
Summary of changes:
crypto/libressl/crypto/asn1/asn1_err.c | 3 +-
crypto/libressl/crypto/asn1/asn1_lib.c | 4 ++-
crypto/libressl/crypto/asn1/tasn_dec.c | 22 +++++++++++++-
crypto/libressl/crypto/asn1/tasn_enc.c | 21 ++++++++++++-
crypto/libressl/crypto/x509v3/v3_genn.c | 52 +++++++++++++++++++++++++++++----
crypto/libressl/include/openssl/asn1.h | 3 +-
6 files changed, 94 insertions(+), 11 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b6b1b27b903dd02b59156058defc4804eda88f0c
--
DragonFly BSD source repository
More information about the Commits
mailing list