mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2025-02-05 18:05:16 +00:00
Code Issues Releases Activity
freebsd/crypto
History
Cy Schubert fc773115fa heimdal: Fix NULL deref 
A flawed logical condition allows a malicious actor to remotely
trigger a NULL pointer dereference using a crafted negTokenInit
token.

Upstream notes:

    Reported to Heimdal by Michał Kępień <michal@isc.org>.

    From the report:

    Acknowledgement
    ---------------

    This flaw was found while working on addressing ZDI-CAN-12302: ISC BIND
    TKEY Query Heap-based Buffer Overflow Remote Code Execution
    Vulnerability, which was reported to ISC by Trend Micro's Zero Day

Security:	CVE-2022-3116
Obtained from:	upstream 7a19658c1
MFC after:	1 week
2024-02-15 13:27:55 -08:00
..
heimdal
heimdal: Fix NULL deref
2024-02-15 13:27:55 -08:00
openssh
ssh: Update to OpenSSH 9.6p1
2024-01-04 22:16:30 -05:00
openssl
OpenSSL: Update date string
2024-02-05 12:09:08 -08:00
README

README 

This directory is for the EXACT same use as src/contrib, except it
holds crypto sources.  In other words, this holds raw sources obtained
from various third party vendors, with FreeBSD patches applied.  No
compilation is done from this directory, it is all done from the
src/secure directory.  The separation between src/contrib and src/crypto
is the result of an old USA law, which made these sources export
controlled, so they had to be kept separate.