diff options
| author | Gordon Tetlow <gordon@FreeBSD.org> | 2024-09-04 03:56:17 +0000 |
|---|---|---|
| committer | Gordon Tetlow <gordon@FreeBSD.org> | 2024-09-04 03:56:17 +0000 |
| commit | 108164cf95d9594884c2dcccba2691335e6f221b (patch) | |
| tree | 4e7056d88b26a82672d06a7aca8052b58615ca2f /doc/man3/OPENSSL_malloc.pod | |
| parent | e60dbfd00b009d424dfc5446d132872c93dd0aed (diff) | |
openssl: Import OpenSSL 3.0.15.vendor/openssl/3.0.15
This release incorporates the following bug fixes and mitigations:
- Fixed possible denial of service in X.509 name checks ([CVE-2024-6119])
- Fixed possible buffer overread in SSL_select_next_proto() ([CVE-2024-5535])
Release notes can be found at:
https://openssl-library.org/news/openssl-3.0-notes/index.html
Diffstat (limited to 'doc/man3/OPENSSL_malloc.pod')
| -rw-r--r-- | doc/man3/OPENSSL_malloc.pod | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/doc/man3/OPENSSL_malloc.pod b/doc/man3/OPENSSL_malloc.pod index 76751012bde5..20441e76ac65 100644 --- a/doc/man3/OPENSSL_malloc.pod +++ b/doc/man3/OPENSSL_malloc.pod @@ -99,7 +99,8 @@ OPENSSL_zalloc() calls memset() to zero the memory before returning. OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used when the buffer at B<addr> holds sensitive information. The old buffer is filled with zero's by calling OPENSSL_cleanse() -before ultimately calling OPENSSL_free(). +before ultimately calling OPENSSL_free(). If the argument to OPENSSL_free() is +NULL, nothing is done. OPENSSL_cleanse() fills B<ptr> of size B<len> with a string of 0's. Use OPENSSL_cleanse() with care if the memory is a mapping of a file. @@ -198,7 +199,7 @@ clang's memory and leak sanitizer. =head1 COPYRIGHT -Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy |