diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-02-23 16:48:31 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-02-23 16:48:31 +0100 |
commit | 4b5216d9b8ed0f135688da2b673c26d6d07df3ae (patch) | |
tree | 5f19e6c3815c228e0786e5faabfe74cbbe556490 | |
parent | 0e9cce408c680e0f723512bdcdcecdfb60ad59ee (diff) | |
download | gnutls-4b5216d9b8ed0f135688da2b673c26d6d07df3ae.tar.gz |
doc update
-rw-r--r-- | NEWS | 9 |
1 files changed, 7 insertions, 2 deletions
@@ -18,8 +18,13 @@ See the end for copying conditions. a long list of names in functions such as gnutls_x509_crt_check_hostname(). With the current code, the SANs are parsed once on certificate import. -** libgnutls: Addressed invalid memory access in OpenPGP certificate parsing. - (issue found using oss-fuzz project) +** libgnutls: Addressed integer overflow resulting to invalid memory write + in OpenPGP certificate parsing (issue found using oss-fuzz project: + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420 ) + +** libgnutls: Addressed read of 1 byte past the end of buffer in OpenPGP + certificate parsing (issue found using oss-fuzz project: + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=391 ) ** libgnutls: Print the key PIN value used by the HPKP protocol as per RFC7469 when printing certificate information. |