Patched several CVEs reported by GitHub Security Lab

simo5 released this 12 Feb 16:24

· 11 commits to main since this release

v1.2.0

3c3077e

This a security release.
It comes after GitHub Security Lab reported to use a few low/moderate issues discovered via oss-fuzz and reported to us by @philipturnbull

These Advisories cover the issues in details:

CVE-2023-25563
CVE-2023-25564
CVE-2023-25565
CVE-2023-25566
CVE-2023-25567

What's Changed

Implement gss_set_cred_option by @simo5 in #76
Allow to gss_wrap even if NEGOTIATE_SEAL is not negotiated by @simo5 in #78
Move HMAC code to OpenSSL EVP API by @simo5 in #82
Fix crash bug when acceptor credentials are NULL by @simo5 in #84
Translations update from Fedora Weblate by @weblate in #85

Full Changelog: v1.1.0...v1.2.0

Contributors

philipturnbull, weblate, and simo5

Assets 4

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Patched several CVEs reported by GitHub Security Lab

What's Changed

Contributors

Uh oh!