]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d4b119c) | patch
Check DSA parameters for excessive sizes before validating 24399/head
authorTomas Mraz <tomas@openssl.org>
Wed, 8 May 2024 13:23:45 +0000 (15:23 +0200)
committerTomas Mraz <tomas@openssl.org>
Thu, 16 May 2024 13:49:12 +0000 (15:49 +0200)
commit3559e868e58005d15c6013a0c1fd832e51c73397
tree96f15184b6e973ac767ea20ebcc76795e15b40a4tree
parentd4b119c567cb5dcaf83add7ca2ea1d646eb3ef9fcommit | diff
Check DSA parameters for excessive sizes before validating

This avoids overly long computation of various validation
checks.

Fixes CVE-2024-4603

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/24346)

(cherry picked from commit 85ccbab216da245cf9a6503dd327072f21950d9b)
CHANGES.md diff | blob | blame | history
crypto/dsa/dsa_check.c diff | blob | blame | history
test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem [new file with mode: 0644] blob
Mirror of https://github.com/openssl/openssl.git