Fix uninitialised pointer dereference

2026-01-06 06:28:56 +01:00 · 2014-11-11 22:17:26 +01:00 · 2014-11-11 22:17:26 +01:00 · 0369a5291b
commit 0369a5291b
parent e9271e6835
3 changed files with 11 additions and 0 deletions
--- a/5
+++ b/5
@ -2,6 +2,11 @@ PolarSSL ChangeLog (Sorted per branch, date)

 = PolarSSL 1.3.z branch

+Security
+   * Fix remotely-triggerable uninitialised pointer dereference caused by
+     crafted X.509 certificate (server is not affected if it doesn't ask for a
+     client certificate) (found using Codenomicon Defensics).
+
 Features
   * Add function pk_check_pair() to test if public and private keys match.