Loading CHANGES +6 −0 Original line number Diff line number Diff line Loading @@ -418,6 +418,9 @@ Changes between 1.0.0d and 1.0.0e [xx XXX xxxx] *) Fix x509_name_ex_d2i memory leak on bad inputs. [Bodo Moeller] *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check signature public key algorithm by using OID xref utilities instead. Before this you could only use some ECC ciphersuites with SHA1 only. Loading Loading @@ -1312,6 +1315,9 @@ Changes between 0.9.8r and 0.9.8s [xx XXX xxxx] *) Fix x509_name_ex_d2i memory leak on bad inputs. [Bodo Moeller] *) Add protection against ECDSA timing attacks as mentioned in the paper by Billy Bob Brumley and Nicola Tuveri, see: Loading crypto/asn1/x_name.c +3 −1 Original line number Diff line number Diff line Loading @@ -215,6 +215,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, *in = p; return ret; err: if (nm.x != NULL) X509_NAME_free(nm.x); ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR); return 0; } Loading Loading
CHANGES +6 −0 Original line number Diff line number Diff line Loading @@ -418,6 +418,9 @@ Changes between 1.0.0d and 1.0.0e [xx XXX xxxx] *) Fix x509_name_ex_d2i memory leak on bad inputs. [Bodo Moeller] *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check signature public key algorithm by using OID xref utilities instead. Before this you could only use some ECC ciphersuites with SHA1 only. Loading Loading @@ -1312,6 +1315,9 @@ Changes between 0.9.8r and 0.9.8s [xx XXX xxxx] *) Fix x509_name_ex_d2i memory leak on bad inputs. [Bodo Moeller] *) Add protection against ECDSA timing attacks as mentioned in the paper by Billy Bob Brumley and Nicola Tuveri, see: Loading
crypto/asn1/x_name.c +3 −1 Original line number Diff line number Diff line Loading @@ -215,6 +215,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, *in = p; return ret; err: if (nm.x != NULL) X509_NAME_free(nm.x); ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR); return 0; } Loading
