Fix an integer overflow in the CRL signature parser.
* src/crl.c (parse_signature): N+N2 now checked for overflow. * src/ocsp.c (parse_response_extensions): Do not accept too large values. (parse_single_extensions): Ditto.
The second patch is an extra safegourd not related to the reported
bug.
- GnuPG-bug-id: T6284
- Reported-by: Joseph Surin, elttam