Pedro Monreal Gonzalez
18ecb7a582
- Security fix: [bsc#1227138, CVE-2024-5535] * SSL_select_next_proto buffer overread * Add openssl-CVE-2024-5535.patch - Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free security vulnerability. Calling the function SSL_free_buffers() potentially caused memory to be accessed that was previously freed in some situations and a malicious attacker could attempt to engineer a stituation where this occurs to facilitate a denial-of-service attack. [CVE-2024-4741, bsc#1225551] OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=164
13 lines
465 B
Diff
13 lines
465 B
Diff
Index: openssl-1.1.1j/crypto/x509/x509_cmp.c
|
|
===================================================================
|
|
--- openssl-1.1.1j.orig/crypto/x509/x509_cmp.c
|
|
+++ openssl-1.1.1j/crypto/x509/x509_cmp.c
|
|
@@ -38,6 +38,7 @@ unsigned long X509_issuer_and_serial_has
|
|
|
|
if (ctx == NULL)
|
|
goto err;
|
|
+ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
|
|
f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0);
|
|
if (f == NULL)
|
|
goto err;
|