CVSROOT: /cvs Module name: src Changes by: [email protected] 2025/09/30 06:51:16
Modified files:
lib/libcrypto/cms: cms_pwri.c
Log message:
cms: fix incorrect length check in kek_unwrap_key()
An incorrect length check can result in a 4-byte overwrite and an
8-byte overread.
>From Stanislav Fort and Viktor Dukhovni via OpenSSL.
CVE-2025-9230.
ok jsing
