Bugzilla – Bug 968028
VUL-0: CVE-2015-7825: Botan: Infinite loop during certificate path validation
Last modified: 2016-04-07 12:55:23 UTC
2015-10-26 (CVE-2015-7825): Infinite loop during certificate path validation
When evaluating a certificate path, if a loop in the certificate chain was encountered (for instance where C1 certifies C2, which certifies C1) an infinite loop would occur eventually resulting in memory exhaustion. Found in a review by Sirrix AG and 3curity GmbH.
Introduced in 1.11.6, fixed in 1.11.22
bugbot adjusting priority
Introduced in 1.11.6, not affecting us