Fix invalid memory read in x509_get_sig()

commit: 0c2fa144bc93c2f390dbb7f220e6d262b5b9d621 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Apr 23 10:52:49 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Apr 23 10:55:05 2015 +0200
tree: c6e02e4df50b4ed9c2f9c2039a26d19a26e6816e
parent: cd7d24d4643a6187d6e87d3923805de65804e227 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index d41468f..efc06fb 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -5,6 +5,9 @@
 Security
    * Fix potential invalid memory read in the server, that allows a client to
      crash it remotely (found by Caj Larsson).
+   * Fix potential invalid memory read in certificate parsing, that allows a
+     client to crash the server remotely if client authentication is enabled
+     (found using Codenomicon Defensics).
 
 Bugfix
    * Fix bug in Via Padlock support (found by Nikos Mavrogiannopoulos).
commit	0c2fa144bc93c2f390dbb7f220e6d262b5b9d621	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Thu Apr 23 10:52:49 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Thu Apr 23 10:55:05 2015 +0200
tree	c6e02e4df50b4ed9c2f9c2039a26d19a26e6816e
parent	cd7d24d4643a6187d6e87d3923805de65804e227 [diff] [blame]