Add Changelog for #8687 Signed-off-by: Paul Elliott <paul.elliott@arm.com>

commit: 634748da23df4f47409a3ab4eb41c43b0d6b35b0 [log] [tgz]
author: Paul Elliott <paul.elliott@arm.com> Tue Jan 16 11:16:56 2024 +0000
committer: Dave Rodgman <dave.rodgman@arm.com> Mon Jan 22 16:00:33 2024 +0000
tree: 4d9d0f5cc353e5eaf87bfecb61871e07e6228717
parent: e90cbc3d1260901efc879178a15f2d90a5e17612 [diff] [blame]
diff --git a/ChangeLog.d/fix_int_overflow_x509_extension b/ChangeLog.d/fix_int_overflow_x509_extension
new file mode 100644
index 0000000..2a67928
--- /dev/null
+++ b/ChangeLog.d/fix_int_overflow_x509_extension

@@ -0,0 +1,8 @@
+Security
+   * Fix a failure to validate input when writing x509 extensions lengths which
+     could result in an integer overflow, causing a zero-length buffer to be
+     allocated to hold the extension. The extension would then be copied into
+     the buffer, causing a heap buffer overflow.
+
+
+
commit	634748da23df4f47409a3ab4eb41c43b0d6b35b0	[log] [tgz]
author	Paul Elliott <paul.elliott@arm.com>	Tue Jan 16 11:16:56 2024 +0000
committer	Dave Rodgman <dave.rodgman@arm.com>	Mon Jan 22 16:00:33 2024 +0000
tree	4d9d0f5cc353e5eaf87bfecb61871e07e6228717
parent	e90cbc3d1260901efc879178a15f2d90a5e17612 [diff] [blame]