)]}'
{
  "commit": "41e81901e31724ea0f03095c444ba4f9336a37cd",
  "tree": "23d6beb99548ecbe35cded2f6302c1a926d818eb",
  "parents": [
    "e218c17c33f5e27893640593094cb18c62e75c39"
  ],
  "author": {
    "name": "Rudolf Polzer",
    "email": "rpolzer@google.com",
    "time": "Thu May 21 01:36:30 2026 -0700"
  },
  "committer": {
    "name": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "time": "Tue May 26 03:36:37 2026 -0700"
  },
  "message": "RC2: fix RC2 heap overflow with _huge_ key lengths.\n\nThere should be no way to trigger this from an attacker, as sane API use\nshould never allow users to set key lengths unchecked (or else one could\nalso set 8-bit key length effectively disabling encryption).\n\nChange-Id: I8a1775f5b09ca1a620f95cdf51af55296a6a6964\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/95688\nCommit-Queue: Rudolf Polzer \u003crpolzer@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "57b863691e13cb6c54f9231d5d5ee37abeb77e35",
      "old_mode": 33188,
      "old_path": "crypto/cipher/cipher_test.cc",
      "new_id": "ea593f5ffc02157a3be159de013afb18f2398491",
      "new_mode": 33188,
      "new_path": "crypto/cipher/cipher_test.cc"
    },
    {
      "type": "modify",
      "old_id": "91c5f52d64cd652bbfa77ccf7f4d31588ba646c8",
      "old_mode": 33188,
      "old_path": "crypto/cipher/e_rc2.cc",
      "new_id": "21a3fc59f1bd8fbd284a3a4d81d549b625591860",
      "new_mode": 33188,
      "new_path": "crypto/cipher/e_rc2.cc"
    }
  ]
}