Diffusion FreeBSD src repository 9e94eac9765f

OpenSSL: Don't overflow the output length in EVP_CipherUpdate calls
9e94eac9765f
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

OpenSSL: Don't overflow the output length in EVP_CipherUpdate calls

Note it is backported from OpenSSL 1.1.1j to fix CVE-2021-23840.

https://github.com/openssl/openssl/commit/6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1

Details

Provenance

jkim	Authored on Feb 18 2021, 5:43 PM

Parents

rGe710703067b1: MFC 12148d4300db:

Branches

Unknown

Tags

Unknown

Event Timeline

jkim committed rG9e94eac9765f: OpenSSL: Don't overflow the output length in EVP_CipherUpdate calls (authored by jkim).Feb 18 2021, 5:43 PM

Changes (3)

Path

Size

crypto/

openssl/

crypto/

evp/

rG9e94eac9765f

crypto/openssl/crypto/evp/evp.h

Loading...

crypto/openssl/crypto/evp/evp_enc.c

Loading...

crypto/openssl/crypto/evp/evp_err.c

Loading...