[gnutls-devel] GnuTLS | Fix double free during gnutls_pkcs7_verify (!1615)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Sat Jul 23 01:50:44 CEST 2022
Daiki Ueno started a new discussion on NEWS: https://gitlab.com/gnutls/gnutls/-/merge_requests/1615#note_1036090604
>
> * Version 3.7.7 (unreleased)
>
> +** libgnutls: Fixed double free during verification of pkcs7 signatures.
> + Reported by Jaak Ristioja (#1383). CVE code has been allocated for
> + this vulnerability: [CVE-2022-2509]
Let's assess the CVSS score using the [calculator](https://www.first.org/cvss/calculator/), and also assign our own SA like [this](https://gitlab.com/gnutls/gnutls/-/blob/e80b334563d648d86d654346ad49b1010974e7ad/NEWS#L266) so we can [list](https://www.gnutls.org/security-new.html) it.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1615#note_1036090604
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20220722/ae217c16/attachment.html>
More information about the Gnutls-devel
mailing list