[SERVER-39018] Fix leak in SSL name to OID lookup Created: 15/Jan/19 Updated: 29/Oct/23 Resolved: 23/Jan/19 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 4.1.8 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Jonathan Reams | Assignee: | Jonathan Reams |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||
| Operating System: | ALL | ||||||||
| Backport Requested: |
v4.0
|
||||||||
| Sprint: | Security 2019-01-28 | ||||||||
| Participants: | |||||||||
| Linked BF Score: | 69 | ||||||||
| Description |
|
This fixes a leak of an ASN1 object when doing OID shortname to numeric OID lookup when using OpenSSL |
| Comments |
| Comment by Githook User [ 23/Jan/19 ] |
|
Author: {'username': 'jbreams', 'email': 'jbreams@mongodb.com', 'name': 'Jonathan Reams'}Message: |