Skip to content

V4.2.3
Compare
Choose a tag to compare
@tony-josi-aws tony-josi-aws released this 04 Jun 16:04
V4.2.3
28cb4eb
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Changes between FreeRTOS-Plus-TCP V4.2.3 and V4.2.2 released June 04, 2025:

  • It was possible to cause an out-of-bounds write when processing LLMNR
    or mDNS queries with very long DNS names. This issue only affects systems
    using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled.
    This issue has been fixed by adding checks to prevent out of bounds write.
    We would like to thank Paschal Amusuo (@AmPaschal),
    James C Davis (@davisjam), Taylor Le Lievre (@tlelievre26), and
    Aravind Kumar Machiry (@Machiry) of Purdue University for collaborating
    on this issue through the coordinated vulnerability disclosure process.
  • Replace any missing functions by assert-false in all CBMC proofs to
    improve tests. We would like to thank @tautschnig for their contribution.
  • Adjust CBMC proof tooling to support CBMC v6.
    We would like to thank @tautschnig for their contribution.

Contributors

tautschnig, Machiry, and 3 other contributors
Assets 3
Loading