pkgsrc

History

adam 38e6789372 Crypto++ 5.6.5 The 5.6.5 release was mostly a maintenance release. The release included two CVE fixes. The first, CVE-2016-7420, was a procedural finding due to external build systems failing to define NDEBUG for release builds. The gap was the project's failure to tell users to define NDEBUG. The second, CVE-2016-7544, was a potential memory corruption on Windows platforms when using Microsoft compilers due to use of _malloca and _freea. Due to CVE-2016-7420 and the possibility for an unwanted assert to egress data, users and distros are encouraged to recompile the library and all dependent programs.	2017-05-18 21:20:23 +00:00
..
patch-GNUmakefile	Crypto++ 5.6.5	2017-05-18 21:20:23 +00:00

The 5.6.5 release was mostly a maintenance release. The release included two CVE fixes.

The first, CVE-2016-7420, was a procedural finding due to external build systems failing to define NDEBUG for release builds. The gap was the project's failure to tell users to define NDEBUG. The second, CVE-2016-7544, was a potential memory corruption on Windows platforms when using Microsoft compilers due to use of _malloca and _freea.

Due to CVE-2016-7420 and the possibility for an unwanted assert to egress data, users and distros are encouraged to recompile the library and all dependent programs.

2017-05-18 21:20:23 +00:00

patch-GNUmakefile

Crypto++ 5.6.5

2017-05-18 21:20:23 +00:00