[PATCH 0/2] KEYS: Fixes [ver #2]

From: David Howells
Date: Thu Nov 24 2016 - 06:16:28 EST

Next message: David Howells: "[PATCH 1/2] X.509: Fix double free in x509_cert_parse() [ver #2]"
Previous message: Arnd Bergmann: "Re: Linux 4.9: Reported regressions as of Sunday, 2016-11-20"
Next in thread: David Howells: "[PATCH 1/2] X.509: Fix double free in x509_cert_parse() [ver #2]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi James,

Can you pull these patches please and pass them on to Linus? They include
the following:

(1) Fix mpi_powm()'s handling of a number with a zero exponent [CVE-2016-8650].

(2) Fix double free in X.509 error handling.

Ver #2:

- Use RESIZE_IF_NEEDED() to conditionally resize the result rather than
manually doing this.

The patches can be found here also:

http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-fixes

Tagged thusly:

git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git
keys-fixes-20161124-2

David
---
Andrey Ryabinin (1):
X.509: Fix double free in x509_cert_parse()

David Howells (1):
MPI: Fix mpi_powm() when exponent is 0 and the result has no limbs

crypto/asymmetric_keys/x509_cert_parser.c | 1 -
lib/mpi/mpi-pow.c | 3 +++
2 files changed, 3 insertions(+), 1 deletion(-)

Next message: David Howells: "[PATCH 1/2] X.509: Fix double free in x509_cert_parse() [ver #2]"
Previous message: Arnd Bergmann: "Re: Linux 4.9: Reported regressions as of Sunday, 2016-11-20"
Next in thread: David Howells: "[PATCH 1/2] X.509: Fix double free in x509_cert_parse() [ver #2]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]