CVSROOT: /cvs Module name: src Changes by: t...@cvs.openbsd.org 2021/02/18 12:12:29
Modified files: lib/libcrypto/evp: evp_enc.c Log message: Pull in fix for EVP_CipherUpdate() overflow from OpenSSL. ok inoguchi commit 6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1 Author: Matt Caswell <m...@openssl.org> Date: Tue Feb 2 17:17:23 2021 +0000 Don't overflow the output length in EVP_CipherUpdate calls CVE-2021-23840 Reviewed-by: Paul Dale <pa...@openssl.org>