Diffstat (limited to 'changes/tolen_asserts')
-rw-r--r-- changes/tolen_asserts | 8
1 files changed, 8 insertions, 0 deletions
diff --git a/changes/tolen_asserts b/changes/tolen_asserts
new file mode 100644
index 0000000000..a9834ab669
--- /dev/null
+++ b/changes/tolen_asserts
@@ -0,0 +1,8 @@
+ o Major bugfixes (security)
+ - Fix a heap overflow bug where an adversary could cause heap
+ corruption. This bug potentially allows remote code execution
+ attacks. Found by debuger. Fixes CVE-2011-0427. Bugfix on
+ 0.1.2.10-rc.
+ o Defensive programming
+ - Introduce output size checks on all of our decryption functions.
+
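Review bot: The "Defensive programming" entry at the end of the hunk says output size checks were introduced on all decryption functions but not what happens when a check fails. The file name tolen_asserts suggests these are assertions; if so, the entry should say that a failed check aborts the process, so readers know the failure mode is a crash rather than a returned error. The security entry describes the flaw only as "a heap overflow bug"; naming the affected function or input would let readers judge their exposure from the changelog alone. The trailing empty added line after the last entry can be dropped.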