CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2025/09/30 06:54:59
Modified files:
lib/libcrypto/cms: Tag: OPENBSD_7_6 cms_pwri.c
Log message:
cms_RecipientInfo_pwri_crypt: fix incorrect return check
cms_RecipientInfo_pwri_crypt: plug leak of kekalg
cms: fix incorrect length check in kek_unwrap_key()
An incorrect length check can result in a 4-byte overwrite and an
8-byte overread.
>From Stanislav Fort and Viktor Dukhovni via OpenSSL.
CVE-2025-9230.
ok jsing
this is errata/7.6/023_libcrypto.patch.sig
