From 42323eacc9ca7ca8c6f14bb2e5a8b34349f29c6a Mon Sep 17 00:00:00 2001 From: Felix Conway Date: Tue, 27 May 2025 16:01:07 +0100 Subject: [PATCH] Add changelog Signed-off-by: Felix Conway --- ChangeLog.d/pem-integer-underflow.txt | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 ChangeLog.d/pem-integer-underflow.txt diff --git a/ChangeLog.d/pem-integer-underflow.txt b/ChangeLog.d/pem-integer-underflow.txt new file mode 100644 index 0000000000..77274aa279 --- /dev/null +++ b/ChangeLog.d/pem-integer-underflow.txt @@ -0,0 +1,5 @@ +Security + * Fix an integer underflow that could occur when parsing malformed PEM + keys, which could be used by an attacker capable of feeding encrypted + PEM keys to a user. This could cause a crash or information disclosure. + Found and reported by Linh Le and Ngan Nguyen from Calif.