* modules/ssl/ssl_engine_kernel.c (ssl_callback_SSLVerify_CRL): Fix
off-by-one.
PR: 35081
Submitted by: Marc Stern <mstern csc.com>
Reviewed by: jorton, trawick, pquerna
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@189562
13f79535-47bb-0310-9956-
ffa450edef68
Changes with Apache 2.0.55
+ *) SECURITY: CAN-2005-1268 (cve.mitre.org)
+ mod_ssl: Fix off-by-one overflow whilst printing CRL information
+ at "LogLevel debug" which could be triggered if configured
+ to use a "malicious" CRL. PR 35081. [Marc Stern <mstern csc.com>]
+
*) mod_userdir: Fix possible memory corruption issue. PR 34588.
[David Leonard <dleonard vintela.com>]
http://svn.apache.org/viewcvs?rev=179622&view=rev
+1: trawick
- *) mod_ssl: Fix off-by-one, CVE CAN-2005-1268.
- PR: 35081
- http://svn.apache.org/viewcvs?rev=179781&view=rev
- +1: jorton, trawick, pquerna
-
*) mod_cache: Fix handling of 'Vary: *". PR 16125.
Trunk: r180341
2.0.x Patch: http://issues.apache.org/bugzilla/attachment.cgi?id=15297
BIO_printf(bio, ", nextUpdate: ");
ASN1_UTCTIME_print(bio, X509_CRL_get_nextUpdate(crl));
- n = BIO_read(bio, buff, sizeof(buff));
+ n = BIO_read(bio, buff, sizeof(buff) - 1);
buff[n] = '\0';
BIO_free(bio);
projects / thirdparty / apache / httpd.git / commitdiff
