author: Jack Lloyd <[email protected]> 2017-04-04 16:46:44 -0400
committer: Jack Lloyd <[email protected]> 2017-04-04 16:46:44 -0400
commit: cbd9952859c90845f1b6c578b8487e51105f042e
tree: b43a4313a68f10d2d34ed6bc0f4ea380a07191c1 /doc
parent: a17bfd26d81d2182a5ecccb98f75ff05c7c999bd
parent: 92f3ff5e27f6736d8a498e0d3144255c4ba37c8d
Merge GH #978 Fix bad read in X509 DN comparisons (CVE-2017-2801)
Diffstat (limited to 'doc')
-rw-r--r--  doc/security.rst | 13
1 file changed, 12 insertions, 1 deletion
diff --git a/doc/security.rst b/doc/security.rst
index 9ed29ef03..9d08ed8c8 100644
--- a/doc/security.rst
+++ b/doc/security.rst
@@ -18,7 +18,18 @@ https://keybase.io/jacklloyd and on most PGP keyservers.
2017
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-* 2017-03-23 (CVE-2016-7252): Incorrect bcrypt computation
+* 2017-04-04 (CVE-2017-2801): Incorrect comparison in X.509 DN strings
+
+ Botan's implementation of X.509 name comparisons had a flaw which
+ could result in an out of bound memory read while processing a
+ specially formed DN. This could potentially be exploited for
+ information disclosure or denial of service, or result in incorrect
+ validation results. Found independently by Aleksandar Nikolic of
+ Cisco Talos, and OSS-Fuzz automated fuzzing infrastructure.
+
+ Bug introduced in 1.6.0 or earlier, fixed in 2.1.0 and 1.10.16
+
+* 2017-03-23 (CVE-2017-7252): Incorrect bcrypt computation
Botan's implementation of bcrypt password hashing scheme truncated long
passwords at 56 characters, instead of at bcrypt's standard 72 characters
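Review bot: the hunk also renumbers the bcrypt advisory from CVE-2016-7252 to CVE-2017-7252 (`-* 2017-03-23 (CVE-2016-7252): Incorrect bcrypt computation` / `+* 2017-03-23 (CVE-2017-7252): Incorrect bcrypt computation`) but the merge subject only mentions CVE-2017-2801; state the identifier correction in the commit message or land it as its own commit so anyone reading the history can tell which ID is authoritative. In the new entry, "out of bound memory read" should read "out-of-bounds memory read", the "Bug introduced in 1.6.0 or earlier, fixed in 2.1.0 and 1.10.16" line is missing a terminating period, and a user deciding whether to upgrade would benefit from a pointer to the fix itself (GH #978, per the merge subject) and to the affected code path (X.509 DN comparison) rather than only the version numbers.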