[Midnightbsd-cvs] [MidnightBSD/src] afdef2: backport of
Lucas Holt
noreply at github.com
Tue Sep 30 14:07:13 EDT 2025
Branch: refs/heads/stable/4.0
Home: https://github.com/MidnightBSD/src
Commit: afdef25825d011d9f7a1beba1a322e1c523beb55
https://github.com/MidnightBSD/src/commit/afdef25825d011d9f7a1beba1a322e1c523beb55
Author: Lucas Holt <luke at foolishgames.com>
Date: 2025-09-30 (Tue, 30 Sep 2025)
Changed paths:
M crypto/openssl/crypto/cms/cms_pwri.c
Log Message:
-----------
backport of
kek_unwrap_key(): Fix incorrect check of unwrapped key size
Fixes CVE-2025-9230
The check is off by 8 bytes so it is possible to overread by
up to 8 bytes and overwrite up to 4 bytes.
https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def
To unsubscribe from these emails, change your notification settings at https://github.com/MidnightBSD/src/settings/notifications
More information about the Midnightbsd-cvs
mailing list