asn1: fix out-of-bounds read in decoding constructed objects

* OpenSSL::ASN1.{decode,decode_all,traverse}: have a bug of out-of-bounds read. int_ossl_asn1_decode0_cons() does not give the correct available length to ossl_asn1_decode() when decoding the inner components of a constructed object. This can cause out-of-bounds read if a crafted input given. Reference: https://hackerone.com/reports/170316 https://github.com/ruby/openssl/commit/1648afef33c1d97fb203c82291b8a61269e85d3b git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_3@59800 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2017-09-09 14:06:50 +0000
committer: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2017-09-09 14:06:50 +0000
commit: 1433d4337cdfa6422d75e83ef63b8f64fc95bf6b (patch)
tree: 27c33a27c966c8c66727795ee272de9ad5578145 /version.h
parent: 842d5cff6a9debcd10398ee1e95b85268620a290 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/version.h b/version.h
index 949ea42fd0..f67d12fb44 100644
--- a/version.h
+++ b/version.h
@@ -1,6 +1,6 @@
 #define RUBY_VERSION "2.3.5"
 #define RUBY_RELEASE_DATE "2017-09-09"
-#define RUBY_PATCHLEVEL 368
+#define RUBY_PATCHLEVEL 369
 
 #define RUBY_RELEASE_YEAR 2017
 #define RUBY_RELEASE_MONTH 9
author	usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2017-09-09 14:06:50 +0000
committer	usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2017-09-09 14:06:50 +0000
commit	1433d4337cdfa6422d75e83ef63b8f64fc95bf6b (patch)
tree	27c33a27c966c8c66727795ee272de9ad5578145 /version.h
parent	842d5cff6a9debcd10398ee1e95b85268620a290 (diff)