Fix potential stack overflow

2026-03-08 04:16:26 +00:00 · 2014-11-12 01:25:31 +01:00
parent b134060f90
commit d681443f69
2 changed files with 30 additions and 23 deletions
--- a/7
+++ b/7
@@ -4,10 +4,13 @@ PolarSSL ChangeLog (Sorted per branch, date)

 Security
   * Fix remotely-triggerable uninitialised pointer dereference caused by
-     crafted X.509 certificate (server is not affected if it doesn't ask for a
+     crafted X.509 certificate (TLS server is not affected if it doesn't ask for a
     client certificate) (found using Codenomicon Defensics).
   * Fix remotely-triggerable memory leak caused by crafted X.509 certificates
-     (server is not affected if it doesn't ask for a client certificate)
+     (TLS server is not affected if it doesn't ask for a client certificate)
+     (found using Codenomicon Defensics).
+   * Fix potential stack overflow while parsing crafted X.509 certificates
+     (TLS server is not affected if it doesn't ask for a client certificate)
     (found using Codenomicon Defensics).

 Features