projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Update from stable branch.
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index 565645aab0f3a1478bd0addd7f20bf7a38251edd..024b05da11feea053eac524cc82fc417353f35cd 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -751,6 +751,11 @@
 
  Changes between 0.9.8j and 0.9.8k  [xx XXX xxxx]
 
+  *) Reject UniversalString and BMPString types with invalid lengths. This
+     prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
+     a legal length. (CVE-2009-0590)
+     [Steve Henson]
+
   *) Set S/MIME signing as the default purpose rather than setting it 
      unconditionally. This allows applications to override it at the store
      level.
Unnamed repository; edit this file 'description' to name the repository.