path: root/changes/tolen_asserts
blob: 90cdb2d75e7b8097143f7aeb21119dbc6c764c65 (plain)
  o Major bugfixes (security)
    - Fix a heap overflow bug where an adversary could cause heap
      corruption.  Since the contents of the corruption would need to be
      the output of an RSA decryption, we do not think this is easy to
      turn into a remote code execution attack, but everybody should
      upgrade anyway.  Found by debuger.  Bugfix on 0.1.2.10-rc.
  o Defensive programming
    - Introduce output size checks on all of our decryption functions.
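
A sketch of the output size check described in the last entry, added here as an illustration and not taken from the project's source. The names toy_key_t, toy_raw_decrypt, checked_decrypt and demo are hypothetical, and the XOR transform is a placeholder for the private-key operation, not cryptography.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical key type: only the modulus size in bytes matters here. */
typedef struct { size_t key_bytes; } toy_key_t;

/* Stand-in for a raw RSA private-key operation (placeholder XOR, not
 * cryptography). Like OpenSSL's RSA_private_decrypt(), it takes no output
 * length and writes up to key_bytes bytes into `to`. */
static int toy_raw_decrypt(const toy_key_t *k, unsigned char *to,
                           const unsigned char *from, size_t fromlen)
{
    if (fromlen != k->key_bytes) return -1;
    for (size_t i = 0; i < k->key_bytes; i++) to[i] = from[i] ^ 0x5a;
    return (int)k->key_bytes;
}

/* Checked wrapper: the caller states the size of `to`, and the call is
 * refused before the primitive can write past it. */
int checked_decrypt(const toy_key_t *k, unsigned char *to, size_t tolen,
                    const unsigned char *from, size_t fromlen)
{
    if (!k || !to || !from) return -1;
    if (tolen < k->key_bytes) return -1;   /* worst-case output size */
    return toy_raw_decrypt(k, to, from, fromlen);
}

/* Constructed case: 16-byte key, destination of `outlen` bytes followed by
 * a canary. Returns the wrapper's result, or -2 if the canary changed. */
int demo(size_t outlen)
{
    toy_key_t k = { 16 };
    unsigned char in[16] = { 0 };
    unsigned char buf[32];
    memset(buf, 0xAA, sizeof buf);
    int r = checked_decrypt(&k, buf, outlen, in, sizeof in);
    for (size_t i = outlen; i < sizeof buf; i++)
        if (buf[i] != 0xAA) return -2;
    return r;
}

int main(void)
{
    printf("8-byte buffer:  %d\n", demo(8));   /* rejected */
    printf("16-byte buffer: %d\n", demo(16));  /* accepted */
    return 0;
}
```

The check compares the destination size against the key's worst-case output rather than the expected plaintext length, so a ciphertext that decrypts to more bytes than the caller anticipated cannot write past the buffer.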