projects / platform / upstream / nodejs.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 248f552) | patch
deps: back-port openssl patch
authorBen Noordhuis <info@bnoordhuis.nl>
Mon, 30 Apr 2012 22:36:40 +0000 (00:36 +0200)
committerBen Noordhuis <info@bnoordhuis.nl>
Mon, 30 Apr 2012 22:40:38 +0000 (00:40 +0200)
commit89e311b1aee2009b2f710143e64332816374f617
treec55c461e91d60d19a06a3b244cde8ffc6650b490tree | snapshot
parent248f552ab4567943e6254cead09ded6c4fd91f05commit | diff
deps: back-port openssl patch

Check for potentially exploitable overflows in asn1_d2i_read_bio
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Taken from OpenSSL CVS. Addresses CVE-2012-2110.
deps/openssl/openssl/crypto/asn1/a_d2i_fp.c diff | blob | history
deps/openssl/openssl/crypto/buffer/buffer.c diff | blob | history
deps/openssl/openssl/crypto/mem.c diff | blob | history
Domain: Web Framework / Common;