diff options
author | Jung-uk Kim <jkim@FreeBSD.org> | 2016-09-26 14:22:17 +0000 |
---|---|---|
committer | Jung-uk Kim <jkim@FreeBSD.org> | 2016-09-26 14:22:17 +0000 |
commit | f1fe58d376da2dcab195b392c2e2e9f0b510508b (patch) | |
tree | ac28a3a83a247682dcc953a2af67f49b51b2b73e /crypto/openssl/CHANGES | |
parent | 5b1b1405e3fb8883d5d2b2749eecd9115206c07d (diff) | |
parent | e656c34a188598ebce6423c4fbc4860921d41be4 (diff) | |
download | src-test2-f1fe58d376da2dcab195b392c2e2e9f0b510508b.tar.gz src-test2-f1fe58d376da2dcab195b392c2e2e9f0b510508b.zip |
Notes
Diffstat (limited to 'crypto/openssl/CHANGES')
-rw-r--r-- | crypto/openssl/CHANGES | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/crypto/openssl/CHANGES b/crypto/openssl/CHANGES index 4bdd39064655..042afe37246c 100644 --- a/crypto/openssl/CHANGES +++ b/crypto/openssl/CHANGES @@ -2,6 +2,18 @@ OpenSSL CHANGES _______________ + Changes between 1.0.2i and 1.0.2j [26 Sep 2016] + + *) Missing CRL sanity check + + A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 + but was omitted from OpenSSL 1.0.2i. As a result any attempt to use + CRLs in OpenSSL 1.0.2i will crash with a null pointer exception. + + This issue only affects the OpenSSL 1.0.2i + (CVE-2016-7052) + [Matt Caswell] + Changes between 1.0.2h and 1.0.2i [22 Sep 2016] *) OCSP Status Request extension unbounded memory growth |