mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-22 23:25:30 +00:00
Fix potential integer overflow parsing DER CRT
This patch prevents a potential signed integer overflow during the certificate version verification checks.
This commit is contained in:
parent
ce49a25033
commit
6b171e4aec
|
@ -237,6 +237,9 @@ Bugfix
|
|||
digits. Found and fixed by Guido Vranken.
|
||||
* Fix unlisted DES configuration dependency in some pkparse test cases. Found
|
||||
by inestlerode. #555
|
||||
* Fix a potential integer overflow in the version verification for DER
|
||||
encoded X509 certificates. The overflow would enable maliciously
|
||||
constructed certificates to bypass the certificate verification check.
|
||||
|
||||
= mbed TLS 2.4.1 branch released 2016-12-13
|
||||
|
||||
|
|
Loading…
Reference in a new issue