CVS: cvs.openbsd.org: src

Theo Buehler Thu, 18 Feb 2021 11:12:44 -0800

CVSROOT:        /cvs
Module name:    src
Changes by:     t...@cvs.openbsd.org    2021/02/18 12:12:29


Modified files:
        lib/libcrypto/evp: evp_enc.c 

Log message:
Pull in fix for EVP_CipherUpdate() overflow from OpenSSL.

ok inoguchi

commit 6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1
Author: Matt Caswell <m...@openssl.org>
Date:   Tue Feb 2 17:17:23 2021 +0000

Don't overflow the output length in EVP_CipherUpdate calls

CVE-2021-23840

Reviewed-by: Paul Dale <pa...@openssl.org>

CVS: cvs.openbsd.org: src

Reply via email to