CVSROOT:        /cvs
Module name:    src
Changes by:     [email protected]    2026/04/07 06:48:37

Modified files:
        lib/libcrypto/x509: x509_vfy.c 

Log message:
Stop Delta CRL processing if a CRL number is missing

A malformed Delta CRL could cause a crash. Funnily enough the deserializer
recognizes this and marks such a CRL as invalid, but nothing ever checks
the EXFLAG_INVALID for CRLs. For certificates this would usually result in
verification failure due to x509v3_cache_extensions() failing.

This is only reachable if the X509_V_FLAG_USE_DELTAS is used, which only
a handful of ports do, plus openssl(1) does if you use the undocumented
-use_deltas flag.

Reported by Igor Morgenstern to OpenSSL who then sat on this since Jan 8
and assigned CVE-2026-28388.

ok jsing
