[gnutls-help] gnutls 3.5.8

Nikos Mavrogiannopoulos nmav at gnutls.org
Mon Jan 9 09:25:10 CET 2017


On Mon, Jan 9, 2017 at 9:17 AM, Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:

> ** libgnutls: Fix double free in certificate information printing. If the PKIX
>    extension proxy was set with a policy language set but no policy specified,
>    that could lead to a double free. (issue found using oss-fuzz project)
>
> ** libgnutls: Addressed invalid memory accesses in OpenPGP certificate parsing.
>    (issues found using oss-fuzz project)

Note that I forgot to refer to GNUTLS-SA-2017-1 and GNUTLS-SA-2017-2 for these
two issues.

regards,
Nikos



More information about the Gnutls-help mailing list