Fix XER decoder of INTEGER, Issue #344. In some cases an INTEGER overflow during parsing is not detected and incorrect value is returned to the decoder instead of an error. Reported by Nika Pona <npona@digamma.ai>. (Severity: low; Seuciry impact: medium).

commit: 6495ca558e466c48267b3049b58eaa70c899374b [log] [tgz]
author: Lev Walkin <vlm@lionet.info> Sat Aug 10 20:07:39 2019 -0700
committer: Lev Walkin <vlm@lionet.info> Sat Aug 10 20:09:25 2019 -0700
tree: 23fb4e7218e400ab5600042528ad6bdf6fd59cd5
parent: 88ed3b5cf012918bc1084b606b0624c45e0d2191 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index b5ac2eb..df7a424 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -35,6 +35,11 @@
         (Severity: low; Security impact: none)
       * Fix XER decoder crash on maliciously constructed ENUMERATED input.
         (Severity: medium; Security impact: medium)
+      * Fix XER decoder of INTEGER, OBJECT IDENTIFIER, and RELATIVE-OID.
+        In some cases an INTEGER overflow during parsing is not detected
+        and incorrect value is returned to the decoder instead of an error.
+        Reported by Nika Pona <npona@digamma.ai>.
+        (Severity: low; Security impact: medium).
 
     FIXES IN TOOLING:
       * CVE-2017-12966 verified not present.
commit	6495ca558e466c48267b3049b58eaa70c899374b	[log] [tgz]
author	Lev Walkin <vlm@lionet.info>	Sat Aug 10 20:07:39 2019 -0700
committer	Lev Walkin <vlm@lionet.info>	Sat Aug 10 20:09:25 2019 -0700
tree	23fb4e7218e400ab5600042528ad6bdf6fd59cd5
parent	88ed3b5cf012918bc1084b606b0624c45e0d2191 [diff] [blame]