author Dr. Stephen Henson <steve@openssl.org> 2013-01-24 13:30:42 +0000
committer Dr. Stephen Henson <steve@openssl.org> 2013-01-29 16:49:24 +0000
commit 62e4506a7d4cec1c8e1ff687f6b220f6a62a57c7
tree 15fb8fedf8e52fb1f7e2d8f0b1a790911a91ce54
parent 014265eb02e26f35c8db58e2ccbf100b0b2f0072
Don't try and verify signatures if key is NULL (CVE-2013-0166)
Add additional check to catch this in ASN1_item_verify too.
Diffstat (limited to 'CHANGES')
-rw-r--r-- CHANGES 4
1 files changed, 4 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index ef8b2bf76d..4cc7c134bd 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
Changes between 1.0.1c and 1.0.1d [xx XXX xxxx]
+ *) Return an error when checking OCSP signatures when key is NULL.
+ This fixes a DoS attack. (CVE-2013-0166)
+ [Steve Henson]
+
*) Make openssl verify return errors.
[Chris Palmer <palmer@google.com> and Ben Laurie]
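Review bot: the new entry under "Changes between 1.0.1c and 1.0.1d" mentions only OCSP signature checking, but the commit message says an additional check was added in ASN1_item_verify too. Suggest naming ASN1_item_verify in the entry so that anyone calling it directly can see from CHANGES that a NULL key is now caught there as well. "This fixes a DoS attack" also leaves out what happened before the fix when the key was NULL; a few words on the failure condition would help readers deciding whether CVE-2013-0166 affects their use of the library.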