- 20 7月, 2023 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21451) (cherry picked from commit 4ec53ad6e1791daafbe26bdbd539f2ba9172959a) Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
- 18 7月, 2023 1 次提交
-
-
由 Tomas Mraz 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21384) (cherry picked from commit 1e398bec538978b9957e69bf9e12b3c626290bea) Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
- 02 6月, 2023 1 次提交
-
-
由 Richard Levitte 提交于
OBJ_obj2txt() would translate any size OBJECT IDENTIFIER to canonical numeric text form. For gigantic sub-identifiers, this would take a very long time, the time complexity being O(n^2) where n is the size of that sub-identifier. To mitigate this, a restriction on the size that OBJ_obj2txt() will translate to canonical numeric text form is added, based on RFC 2578 (STD 58), which says this: > 3.5. OBJECT IDENTIFIER values > > An OBJECT IDENTIFIER value is an ordered list of non-negative numbers. > For the SMIv2, each number in the list is referred to as a sub-identifier, > there are at most 128 sub-identifiers in a value, and each sub-identifier > has a maximum value of 2^32-1 (4294967295 decimal). Fixes otc/security#96 Fixes CVE-2023-2650 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
- 26 4月, 2023 3 次提交
-
-
由 Tomas Mraz 提交于
The function was incorrectly documented as enabling policy checking. Fixes: CVE-2023-0466 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20563) Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: I515b0c03074af5cf5a6f5e72bcec4a2d6642707a
-
由 Tomas Mraz 提交于
Original author: Nevine Ebeid (Amazon) Fixes: CVE-2023-1255 The buffer overread happens on decrypts of 4 mod 5 sizes. Unless the memory just after the buffer is unmapped this is harmless. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/20759) (cherry picked from commit 72dfe46550ee1f1bbfacd49f071419365bc23304) Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: I636543b8cf34e1edaeee4d1c0d5617eb500a24a6
-
由 Hugo Landau 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> Change-Id: If27a355635b2da681abac1d757386a5c9dfcdae3 Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
- 12 4月, 2023 1 次提交
-
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-