diff options
| author | Jung-uk Kim <jkim@FreeBSD.org> | 2016-09-26 14:13:11 +0000 |
|---|---|---|
| committer | Jung-uk Kim <jkim@FreeBSD.org> | 2016-09-26 14:13:11 +0000 |
| commit | e656c34a188598ebce6423c4fbc4860921d41be4 (patch) | |
| tree | fd5089019665f3f3650638863afd64c274108bfe /CHANGES | |
| parent | e1b483878d9824c63d376895da633b0b96fbbaed (diff) | |
| download | src-e656c34a188598ebce6423c4fbc4860921d41be4.tar.gz src-e656c34a188598ebce6423c4fbc4860921d41be4.zip | |
Import OpenSSL 1.0.2j.vendor/openssl/1.0.2j
Notes
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=306340
svn path=/vendor-crypto/openssl/1.0.2j/; revision=306341; tag=vendor/openssl/1.0.2j
Diffstat (limited to 'CHANGES')
| -rw-r--r-- | CHANGES | 12 |
1 files changed, 12 insertions, 0 deletions
@@ -2,6 +2,18 @@ OpenSSL CHANGES _______________ + Changes between 1.0.2i and 1.0.2j [26 Sep 2016] + + *) Missing CRL sanity check + + A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 + but was omitted from OpenSSL 1.0.2i. As a result any attempt to use + CRLs in OpenSSL 1.0.2i will crash with a null pointer exception. + + This issue only affects the OpenSSL 1.0.2i + (CVE-2016-7052) + [Matt Caswell] + Changes between 1.0.2h and 1.0.2i [22 Sep 2016] *) OCSP Status Request extension unbounded memory growth |