diff options
author | Jack Lloyd <[email protected]> | 2018-04-10 09:14:16 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-04-10 09:14:16 -0400 |
commit | 7ea78896c75f4c45f26175931cd08a555974f29d (patch) | |
tree | ad8d36e7fc3d4901331562fe77fdde4b6c0f497d /doc | |
parent | 99bffd403a87527acefc3b5517370dc5fc99b390 (diff) |
Add security advisory
Diffstat (limited to 'doc')
-rw-r--r-- | doc/security.rst | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/doc/security.rst b/doc/security.rst index d0b9504f3..8e661c0ad 100644 --- a/doc/security.rst +++ b/doc/security.rst @@ -18,6 +18,17 @@ https://keybase.io/jacklloyd and on most PGP keyservers. 2018 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* 2018-04-10 (CVE-2018-9860): Memory overread in TLS CBC decryption + + An off by one error in TLS CBC decryption meant that for a particular + malformed ciphertext, the receiver would miscompute a length field and HMAC + exactly 64K bytes of data following the record buffer as if it was part of the + message. This cannot be used to leak information since the MAC comparison will + subsequently fail and the connection will be closed. However it might be used + for denial of service. Found by OSS-Fuzz. + + Bug introduced in 1.11.32, fixed in 2.6.0 + * 2018-03-29 (CVE-2018-9127): Invalid wildcard match RFC 6125 wildcard matching was incorrectly implemented, so that a wildcard |