If it was discovered before the LibreSSL fork, there's a good chance
it has been fixed, otherwise the move from non-standard malloc
functions has probably nipped this one in the bud. That's my guess
based on what I know about LibreSSL.
On Fri, Oct 14, 2016 at 3:55 PM, Peter Janos <peterjan...@mail.com> wrote:
> Hello gods,
> a little bit old, but LibreSSL got this?
> The original X509_NAME decode free code was buggy: this
> could result in double free or leaks if a malloc failure
> Simplify and fix the logic.
> Thanks to Guido Vranken for reporting this issue.
> Reviewed-by: Matt Caswell <m...@openssl.org>
> (Merged from #1691)
Aaron Mason - Programmer, open source addict
I've taken my software vows - for beta or for worse