CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2025/09/30 06:54:18
Modified files:
lib/libcrypto/cms: Tag: OPENBSD_7_7 cms_pwri.c
Log message:
cms_RecipientInfo_pwri_crypt: fix incorrect return check
cms_RecipientInfo_pwri_crypt: plug leak of kekalg
cms: fix incorrect length check in kek_unwrap_key()
An incorrect length check can result in a 4-byte overwrite and an
8-byte overread.
>From Stanislav Fort and Viktor Dukhovni via OpenSSL.
CVE-2025-9230.
ok jsing
this is errata/7.7/010_libcrypto.patch.sig
