Pedro Monreal Gonzalez
18ecb7a582
- Security fix: [bsc#1227138, CVE-2024-5535]
  * SSL_select_next_proto buffer overread
  * Add openssl-CVE-2024-5535.patch
- Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free security vulnerability. Calling the function SSL_free_buffers() potentially caused memory to be accessed that was previously freed in some situations and a malicious attacker could attempt to engineer a situation where this occurs to facilitate a denial-of-service attack. [CVE-2024-4741, bsc#1225551]

OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=164
30 lines
776 B
Diff
Index: openssl-1.1.1m/apps/openssl.cnf
===================================================================
--- openssl-1.1.1m.orig/apps/openssl.cnf
+++ openssl-1.1.1m/apps/openssl.cnf
@@ -11,6 +11,24 @@
# defined.
HOME = .
+openssl_conf = openssl_init
+
+[ openssl_init ]
+
+engines = engine_section
+
+[ engine_section ]
+
+# This include will look through the directory that will contain the
+# engine declarations for any engines provided by other packages.
+.include /etc/ssl/engines1.1.d
+
+# This include will look through the directory that will contain the
+# definitions of the engines declared in the engine section.
+.include /etc/ssl/engdef1.1.d
+
+[ oid_section ]
+
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
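Review bot: The added `[ oid_section ]` header at the end of the hunk changes which section the unchanged `oid_section = new_oids` line belongs to: in the old file it followed `HOME = .` with no section header in between, and it now sits inside a section named `oid_section`. Code that looks this key up in the default section may no longer find it, so consider moving the new `[ openssl_init ]` and `[ engine_section ]` blocks below the default-section assignments, or keeping `oid_section = new_oids` above the first section header. The comments on the two `.include` lines should also state that /etc/ssl/engines1.1.d and /etc/ssl/engdef1.1.d must be writable only by root, since any file placed there becomes part of the engine configuration reached through `openssl_conf = openssl_init`.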