CVSROOT: /cvs Module name: src Changes by: [email protected] 2021/02/18 12:12:29
Modified files:
lib/libcrypto/evp: evp_enc.c
Log message:
Pull in fix for EVP_CipherUpdate() overflow from OpenSSL.
ok inoguchi
commit 6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1
Author: Matt Caswell <[email protected]>
Date: Tue Feb 2 17:17:23 2021 +0000
Don't overflow the output length in EVP_CipherUpdate calls
CVE-2021-23840
Reviewed-by: Paul Dale <[email protected]>
