diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2001-02-24 01:38:56 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2001-02-24 01:38:56 +0000 |
| commit | db4a465974cad1e84a16ba46f946e5db00b1fea6 (patch) | |
| tree | b33ae0b0d09cb5f406a6454b4c6aa2da0bf94190 /CHANGES | |
| parent | 3cdc8ad07a01b1292d8441e3ed7368b4a47a40da (diff) | |
Stop PKCS7_verify() core dumping with unknown public
key algorithms and leaking if the signature verify
fails.
Diffstat (limited to 'CHANGES')
| -rw-r--r-- | CHANGES | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -3,6 +3,11 @@ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] + *) Avoid coredump with unsupported or invalid public keys by checking if + X509_get_pubkey() fails in PKCS7_verify(). Fix memory leak when + PKCS7_verify() fails with non detached data. + [Steve Henson] + *) Change OCSP_cert_to_id() to tolerate a NULL subject certificate and OCSP_cert_id_new() a NULL serialNumber. This allows a partial certificate ID to be generated from the issuer certificate alone which can then be |