Earle F. Philhower, III 42c977bd4d

Patch axTLS CVEs and fix CA verification (#5270) ...

Apply patches developed by Sze Yiu Chau <schau@purdue.edu> which
correct a vulnerability in X509 parsing.

See CVE-2018-16150 and CVE-2018-16149 for more info.

CA certification validation was broken by a change put in during warning
cleanup a long time ago.  This binary now includes the 1-line correction
and HTTPSRequestCACert now works again (before was failing
because the key usages in certs were not properly read).

2018-10-24 12:47:11 -07:00

1.0 MiB

Raw History

View Raw