Update from stable branch.

author: Dr. Stephen Henson <steve@openssl.org> 2009-03-25 12:53:26 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2009-03-25 12:53:26 +0000
commit: 7ce8c95d58ded63f9b5d40d98d9329b2cc751827 (patch)
tree: adf921ba0a20b4e95dbf84f3a91e5222ecf9578d /CHANGES
parent: 38b6e6c07b5fd3c926c8ec3f8326e96476b8c969 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 565645aab0..024b05da11 100644
--- a/CHANGES
+++ b/CHANGES
@@ -751,6 +751,11 @@
 
  Changes between 0.9.8j and 0.9.8k  [xx XXX xxxx]
 
+  *) Reject UniversalString and BMPString types with invalid lengths. This
+     prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
+     a legal length. (CVE-2009-0590)
+     [Steve Henson]
+
   *) Set S/MIME signing as the default purpose rather than setting it 
      unconditionally. This allows applications to override it at the store
      level.
author	Dr. Stephen Henson <steve@openssl.org>	2009-03-25 12:53:26 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2009-03-25 12:53:26 +0000
commit	7ce8c95d58ded63f9b5d40d98d9329b2cc751827 (patch)
tree	adf921ba0a20b4e95dbf84f3a91e5222ecf9578d /CHANGES
parent	38b6e6c07b5fd3c926c8ec3f8326e96476b8c969 (diff)