From bde24fef65a161b51a6dd60c1d4efc6ad7013fa4 Mon Sep 17 00:00:00 2001 From: Michael Zillgith Date: Mon, 22 Jul 2024 17:07:45 +0100 Subject: [PATCH] - updated CHANGELOG (LIB61850-447) --- CHANGELOG | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 6ee02d5a..09b503f9 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -21,8 +21,9 @@ Other changes: Fixed bugs and vulnerabilities: -- fixed out-of-bound read in parseAarePdu function (LIB61850-442)(#513) -- ACSE: fixed out-of-bounds read in parseAarqPdu function (LIB61850-441)(#512) +- Vulnerability: fixed potential stack buffer overflow in MMS client identity service and other services (LIB61850-447) +- Vulnerability: fixed out-of-bound read in parseAarePdu function (LIB61850-442)(#513) +- Vulnerability: ACSE: fixed out-of-bounds read in parseAarqPdu function (LIB61850-441)(#512) - GOOSE receiver: added additional length and plausibility checks to fix #509 - MmsValue_decodeMmsData: add support for empty visible-string, mms-string, and octet-string values (#506) - MMS client: fixed - getNameList task can get stuck in while loop when message cannot be sent (LIB61850-347) @@ -33,7 +34,7 @@ Fixed bugs and vulnerabilities: - MMS server: fixed - server is sending data set response larger than negotiated MMS PDU size (LIB61850-435) - fixed - potential race condition when using IedConnection_installReportHandler and IedConnection_uninstallReportHandler - fixed - IEC 61580 server: dataset is not released when RCB.Datset is set to empty string by client (LIB61850-425) -- MMS client: fixed - parsing of servicecsSupported in MMS init response is off by one (LIB61850-419)(#469) +- Vulnerability: MMS client: fixed - parsing of servicecsSupported in MMS init response is off by one (LIB61850-419)(#469)