yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-25 19:35:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix potential integer overflow parsing DER CRT

Browse Source 
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
This commit is contained in:
Andres AG 2017-03-09 16:16:11 +00:00 committed by Simon Butcher
parent ce49a25033
commit 6b171e4aec
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@ -237,6 +237,9 @@ Bugfix
digits. Found and fixed by Guido Vranken. digits. Found and fixed by Guido Vranken.
* Fix unlisted DES configuration dependency in some pkparse test cases. Found * Fix unlisted DES configuration dependency in some pkparse test cases. Found
by inestlerode. #555 by inestlerode. #555
* Fix a potential integer overflow in the version verification for DER
encoded X509 certificates. The overflow would enable maliciously
constructed certificates to bypass the certificate verification check.
= mbed TLS 2.4.1 branch released 2016-12-13 = mbed TLS 2.4.1 branch released 2016-12-13