crypto: fix memory leaks in cert validation by Nibbler999 · Pull Request #12089 · nodejs/node
added
c++
labels
Mar 28, 2017label
Mar 28, 2017The additional validity checks applied to StartCom and WoSign certificates failed to free memory before returning. Refs: #9469 Fixes: #12033
shigeki pushed a commit that referenced this pull request
Mar 28, 2017
The additional validity checks applied to StartCom and WoSign certificates failed to free memory before returning. Refs: #9469 Fixes: #12033 PR-URL: #12089 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Fedor Indutny <fedor@indutny.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Mar 28, 2017
The additional validity checks applied to StartCom and WoSign certificates failed to free memory before returning. Refs: #9469 Fixes: #12033 PR-URL: #12089 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Fedor Indutny <fedor@indutny.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Mar 29, 2017
The additional validity checks applied to StartCom and WoSign certificates failed to free memory before returning. Refs: #9469 Fixes: #12033 PR-URL: #12089 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Fedor Indutny <fedor@indutny.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Mar 29, 2017
The additional validity checks applied to StartCom and WoSign certificates failed to free memory before returning. Refs: #9469 Fixes: #12033 PR-URL: #12089 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Fedor Indutny <fedor@indutny.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Mar 29, 2017
The additional validity checks applied to StartCom and WoSign certificates failed to free memory before returning. Refs: #9469 Fixes: #12033 PR-URL: #12089 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Fedor Indutny <fedor@indutny.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
MylesBorins added a commit that referenced this pull request
Mar 29, 2017
This is a special LTS to fix a memory leak that was introduced in 4.8.1. It also includes an upgrade to zlib 1.2.11 to fix a number of low severity CVEs that were present in zlib 1.2.8. http://seclists.org/oss-sec/2016/q4/602 Notable changes: * crypto: - fix memory leak if certificate is revoked (Tom Atkinson) #12089 * deps: - upgrade zlib to 1.2.11 (Sam Roberts) #10980
MylesBorins added a commit that referenced this pull request
Mar 29, 2017
This is a special LTS to fix a number of regressions that were found on the 6.10.x release line. This includes: * a fix for memory leak in the crypto module that was introduced in 6.10.1 * a fix for a regression introduced to the windows repl in 6.10.0 * a backported fix for V8 to stop a segfault that could occur when using spread syntax It also includes an upgrade to zlib 1.2.11 to fix a numberof low severity CVEs that were present in zlib 1.2.8. http://seclists.org/oss-sec/2016/q4/602 Notable changes * crypto: - fix memory leak if certificate is revoked (Tom Atkinson) #12089 * deps: - upgrade zlib to 1.2.11 (Sam Roberts) #10980 - backport V8 fixes for spread syntax regression causing segfaults (Michaël Zasso) #12037 * repl: - Revert commit that broke REPL display on Windows (Myles Borins) #12123
coox
mentioned this pull request
MylesBorins added a commit that referenced this pull request
Apr 4, 2017
This is a maintenance release to fix a memory leak that was introduced in 4.8.1. It also includes an upgrade to zlib 1.2.11 to fix a number of low severity CVEs that were present in zlib 1.2.8. http://seclists.org/oss-sec/2016/q4/602 Notable changes: * crypto: - fix memory leak if certificate is revoked (Tom Atkinson) #12089 * deps: - upgrade zlib to 1.2.11 (Sam Roberts) #10980
MylesBorins added a commit that referenced this pull request
Apr 4, 2017
This is a special LTS to fix a number of regressions that were found on the 6.10.x release line. This includes: * a fix for memory leak in the crypto module that was introduced in 6.10.1 * a fix for a regression introduced to the windows repl in 6.10.0 * a backported fix for V8 to stop a segfault that could occur when using spread syntax It also includes an upgrade to zlib 1.2.11 to fix a numberof low severity CVEs that were present in zlib 1.2.8. http://seclists.org/oss-sec/2016/q4/602 Notable changes * crypto: - fix memory leak if certificate is revoked (Tom Atkinson) #12089 * deps: - upgrade zlib to 1.2.11 (Sam Roberts) #10980 - backport V8 fixes for spread syntax regression causing segfaults (Michaël Zasso) #12037 * repl: - Revert commit that broke REPL display on Windows (Myles Borins) #12123
MylesBorins added a commit to MylesBorins/node that referenced this pull request
Apr 4, 2017
This is a special LTS to fix a number of regressions that were found on the 6.10.x release line. This includes: * a fix for memory leak in the crypto module that was introduced in 6.10.1 * a fix for a regression introduced to the windows repl in 6.10.0 * a backported fix for V8 to stop a segfault that could occur when using spread syntax It also includes an upgrade to zlib 1.2.11 to fix a numberof low severity CVEs that were present in zlib 1.2.8. http://seclists.org/oss-sec/2016/q4/602 Notable changes * crypto: - fix memory leak if certificate is revoked (Tom Atkinson) nodejs#12089 * deps: - upgrade zlib to 1.2.11 (Sam Roberts) nodejs#10980 - backport V8 fixes for spread syntax regression causing segfaults (Michaël Zasso) nodejs#12037 * repl: - Revert commit that broke REPL display on Windows (Myles Borins) nodejs#12123
MylesBorins added a commit to MylesBorins/node that referenced this pull request
Apr 4, 2017
This is a maintenance release to fix a memory leak that was introduced in 4.8.1. It also includes an upgrade to zlib 1.2.11 to fix a number of low severity CVEs that were present in zlib 1.2.8. http://seclists.org/oss-sec/2016/q4/602 Notable changes: * crypto: - fix memory leak if certificate is revoked (Tom Atkinson) nodejs#12089 * deps: - upgrade zlib to 1.2.11 (Sam Roberts) nodejs#10980
imyller added a commit to imyller/meta-nodejs that referenced this pull request
Apr 20, 2017
This is a maintenance release to fix a memory leak that was
introduced in 4.8.1.
It also includes an upgrade to zlib 1.2.11 to fix a number of low
severity CVEs that were present in zlib 1.2.8.
http://seclists.org/oss-sec/2016/q4/602
Notable changes:
* crypto:
- fix memory leak if certificate is revoked (Tom Atkinson)
nodejs/node#12089
* deps:
- upgrade zlib to 1.2.11 (Sam Roberts)
nodejs/node#10980
Signed-off-by: Ilkka Myller <ilkka.myller@nodefield.com>
imyller added a commit to imyller/meta-nodejs that referenced this pull request
Apr 20, 2017
This is a special LTS to fix a number of regressions that were found
on the 6.10.x release line.
This includes:
* a fix for memory leak in the crypto module that
was introduced in 6.10.1
* a fix for a regression introduced to the windows repl in 6.10.0
* a backported fix for V8 to stop a segfault that could occur
when using spread syntax
It also includes an upgrade to zlib 1.2.11 to fix a numberof low
severity CVEs that were present in zlib 1.2.8.
http://seclists.org/oss-sec/2016/q4/602
Notable changes
* crypto:
- fix memory leak if certificate is revoked (Tom Atkinson)
nodejs/node#12089
* deps:
- upgrade zlib to 1.2.11 (Sam Roberts)
nodejs/node#10980
- backport V8 fixes for spread syntax regression causing segfaults
(Michaël Zasso) nodejs/node#12037
* repl:
- Revert commit that broke REPL display on Windows (Myles Borins)
nodejs/node#12123
Signed-off-by: Ilkka Myller <ilkka.myller@nodefield.com>
imyller added a commit to imyller/meta-nodejs that referenced this pull request
Apr 20, 2017
This is a maintenance release to fix a memory leak that was
introduced in 4.8.1.
It also includes an upgrade to zlib 1.2.11 to fix a number of low
severity CVEs that were present in zlib 1.2.8.
http://seclists.org/oss-sec/2016/q4/602
Notable changes:
* crypto:
- fix memory leak if certificate is revoked (Tom Atkinson)
nodejs/node#12089
* deps:
- upgrade zlib to 1.2.11 (Sam Roberts)
nodejs/node#10980
Signed-off-by: Ilkka Myller <ilkka.myller@nodefield.com>
imyller added a commit to imyller/meta-nodejs that referenced this pull request
Apr 20, 2017
This is a special LTS to fix a number of regressions that were found
on the 6.10.x release line.
This includes:
* a fix for memory leak in the crypto module that
was introduced in 6.10.1
* a fix for a regression introduced to the windows repl in 6.10.0
* a backported fix for V8 to stop a segfault that could occur
when using spread syntax
It also includes an upgrade to zlib 1.2.11 to fix a numberof low
severity CVEs that were present in zlib 1.2.8.
http://seclists.org/oss-sec/2016/q4/602
Notable changes
* crypto:
- fix memory leak if certificate is revoked (Tom Atkinson)
nodejs/node#12089
* deps:
- upgrade zlib to 1.2.11 (Sam Roberts)
nodejs/node#10980
- backport V8 fixes for spread syntax regression causing segfaults
(Michaël Zasso) nodejs/node#12037
* repl:
- Revert commit that broke REPL display on Windows (Myles Borins)
nodejs/node#12123
Signed-off-by: Ilkka Myller <ilkka.myller@nodefield.com>
kevinsawicki pushed a commit to electron/node that referenced this pull request
May 16, 2017
The additional validity checks applied to StartCom and WoSign certificates failed to free memory before returning. Refs: nodejs/node#9469 Fixes: nodejs/node#12033 PR-URL: nodejs/node#12089 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Fedor Indutny <fedor@indutny.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters