FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

LibreSSL -- NULL pointer dereference

Affected packages
3.2.0 < libressl < 3.2.3
libressl < 3.1.5
libressl-devel < 3.3.1

Details

VuXML ID 88dfd92f-3b9c-11eb-929d-d4c9ef517024
Discovery 2020-12-08
Entry 2020-12-11
Modified 2020-12-12

The LibreSSL project reports:

Malformed ASN.1 in a certificate revocation list or a timestamp response token can lead to a NULL pointer dereference.

References

URL https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.3-relnotes.txt