Fix potential buffer overflow in asn1write Ref: IOTSSL-519 backport of 22c3b7b

commit: 758f490c90eedcea91a8859eef035640c9a30f5b [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Wed Oct 21 12:07:47 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Tue Oct 27 11:47:37 2015 +0100
tree: 6f7afa8a983faa415a3b3fd4094c0b0c2d13306d
parent: 215a14bf29c5eac125ab986adefa37bb4fbc5284 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index b459887..ffdb5c4 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -9,6 +9,10 @@
    * Fix potential heap corruption on Windows when
      x509_crt_parse_path() is passed a path longer than 2GB. Cannot be
      triggered remotely. Found by Guido Vranken, Interlworks.
+   * Fix potential buffer overflow in some asn1_write_xxx() functions.
+     Cannot be triggered remotely unless you create X.509 certificates based
+     on untrusted input or write keys of untrusted origin. Found by Guido
+     Vranken, Interlworks.
 
 = mbed TLS 1.3.14 released 2015-10-06
commit	758f490c90eedcea91a8859eef035640c9a30f5b	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Wed Oct 21 12:07:47 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Tue Oct 27 11:47:37 2015 +0100
tree	6f7afa8a983faa415a3b3fd4094c0b0c2d13306d
parent	215a14bf29c5eac125ab986adefa37bb4fbc5284 [diff] [blame]