From ce49a250333ff25ca896108bc3f953cbb21f9638 Mon Sep 17 00:00:00 2001 From: Andres AG Date: Fri, 10 Feb 2017 14:39:58 +0000 Subject: [PATCH] Fix potential integer overflow parsing DER CRL This patch prevents a potential signed integer overflow during the CRL version verification checks. --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ChangeLog b/ChangeLog index 8db6551c5..59a1c0d63 100644 --- a/ChangeLog +++ b/ChangeLog @@ -13,6 +13,10 @@ Bugfix Found by redplait #590 * Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random. Reported and fix suggested by guidovranken in #740 + * Fix a potential integer overflow in the version verification for DER + encoded X509 CRLs. The overflow would enable maliciously constructed CRLs + to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin, + KNOX Security, Samsung Research America Security * Fix authentication bypass in SSL/TLS: when auth_mode is set to optional,