CVSROOT: /cvs Module name: src Changes by: t...@cvs.openbsd.org 2016/05/04 09:05:13
Modified files:
lib/libssl/src/crypto/evp: encode.c evp_enc.c
Log message:
fix for integer overflow in encode and encrypt update functions.
additionally, in EncodeUpdate, if the amount written would overflow,
return 0 instead to prevent bugs in the caller.
CVE-2016-2105 and CVE-2016-2106 from openssl.
