[Midnightbsd-cvs] [MidnightBSD/src] ad1cff: backport of
Lucas Holt
noreply at github.com
Tue Sep 30 10:28:43 EDT 2025
Branch: refs/heads/master
Home: https://github.com/MidnightBSD/src
Commit: ad1cfffb414dd9f3e6787cd0e39c3d2b319addd5
https://github.com/MidnightBSD/src/commit/ad1cfffb414dd9f3e6787cd0e39c3d2b319addd5
Author: Lucas Holt <luke at foolishgames.com>
Date: 2025-09-30 (Tue, 30 Sep 2025)
Changed paths:
M crypto/openssl/crypto/cms/cms_pwri.c
Log Message:
-----------
backport of
kek_unwrap_key(): Fix incorrect check of unwrapped key size
Fixes CVE-2025-9230
The check is off by 8 bytes so it is possible to overread by
up to 8 bytes and overwrite up to 4 bytes.
https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def