Fix potential overflow in CertificateRequest

commit: d64f1ad98b40417d583b80e23b646737cf086dcf [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Fri Oct 02 11:16:47 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Fri Oct 02 12:36:02 2015 +0200
tree: 9719d6c4c8784d49e69a7809851d8b04bcb23437
parent: 9a656a0aaa2ee184fc59a2a4dd1dcf6d1d536c43 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index a7c12a0..6c735e7 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -18,6 +18,10 @@
    * Fix possible heap buffer overflow in base64_encode() when the input
      buffer is 512MB or larger on 32-bit platforms.
      Found by Guido Vranken. Not trigerrable remotely in TLS.
+   * Fix potential heap buffer overflow in servers that perform client
+     authentication against a crafted CA cert. Cannot be triggered remotely
+     unless you allow third parties to pick trust CAs for client auth.
+     Found by Guido Vranken.
 
 = Version 1.2.16 released 2015-09-17
commit	d64f1ad98b40417d583b80e23b646737cf086dcf	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Fri Oct 02 11:16:47 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Fri Oct 02 12:36:02 2015 +0200
tree	9719d6c4c8784d49e69a7809851d8b04bcb23437
parent	9a656a0aaa2ee184fc59a2a4dd1dcf6d1d536c43 [diff] [blame]