make the description of tolen_asserts more dire

We have a CVE # for this bug.
2024-11-24 04:13:28 +01:00 · 2011-01-15 10:54:58 -05:00 · 2011-01-15 10:54:58 -05:00 · 50b06a2b76
commit 50b06a2b76
parent 115782bdbe
1 changed files with 3 additions and 4 deletions
--- a/changes/tolen_asserts
+++ b/changes/tolen_asserts
@ -1,9 +1,8 @@
  o Major bugfixes (security)
    - Fix a heap overflow bug where an adversary could cause heap
-      corruption.  Since the contents of the corruption would need to be
-      the output of an RSA decryption, we do not think this is easy to
-      turn in to a remote code execution attack, but everybody should
-      upgrade anyway.  Found by debuger.  Bugfix on 0.1.2.10-rc.
+      corruption.  This bug potentially allows remote code execution
+      attacks.  Found by debuger.  Fixes CVE-2011-0427.  Bugfix on
+      0.1.2.10-rc.
  o Defensive programming
    - Introduce output size checks on all of our decryption functions.