CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2020/12/08 08:08:47
Modified files:
lib/libcrypto/asn1: Tag: OPENBSD_6_8 asn1.h asn1_err.c
asn1_lib.c tasn_dec.c tasn_enc.c
lib/libcrypto/x509: Tag: OPENBSD_6_8 x509_genn.c
Log message:
Fix a NULL dereference in GENERAL_NAME_cmp()
Comparing two GENERAL_NAME structures containing an EDIPARTYNAME can lead
to a crash. This enables a denial of service attack for an attacker who can
control both sides of the comparison.
Issue reported to OpenSSL on Nov 9 by David Benjamin.
OpenSSL shared the information with us on Dec 1st.
Fix from Matt Caswell (OpenSSL) with a few small tweaks.
ok jsing
this is errata/6.8/008_asn1.patch.sig
