CVSROOT: /cvs Module name: src Changes by: t...@cvs.openbsd.org 2022/02/08 12:13:51
Modified files:
lib/libtls : tls.c
Log message:
Plug a long standing leak in libtls CRL handling
X509_STORE_add_crl() does not take ownership of the CRL, it bumps its
refcount. So nulling out the CRL from the stack will leak it.
Issue reported by KS Sreeram, thanks!
ok jsing
