Pedro Monreal Gonzalez
18ecb7a582
- Security fix: [bsc#1227138, CVE-2024-5535]
  * SSL_select_next_proto buffer overread
  * Add openssl-CVE-2024-5535.patch
- Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free security vulnerability. Calling the function SSL_free_buffers() potentially caused memory to be accessed that was previously freed in some situations and a malicious attacker could attempt to engineer a situation where this occurs to facilitate a denial-of-service attack. [CVE-2024-4741, bsc#1225551]

OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=164
16 lines
653 B
Diff
Index: openssl-1.1.1d/apps/dgst.c
===================================================================
--- openssl-1.1.1d.orig/apps/dgst.c 2019-09-10 15:13:07.000000000 +0200
+++ openssl-1.1.1d/apps/dgst.c 2020-03-20 11:20:27.618536409 +0100
@@ -95,6 +95,10 @@ int dgst_main(int argc, char **argv)
prog = opt_progname(argv[0]);
buf = app_malloc(BUFSIZE, "I/O buffer");
md = EVP_get_digestbyname(prog);
+ if (md == NULL && strcmp(prog, "dgst") != 0) {
+ BIO_printf(bio_err, "%s is not a known digest\n", prog);
+ goto end;
+ }
prog = opt_init(argc, argv, dgst_options);
while ((o = opt_next()) != OPT_EOF) {
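Review bot: the new `goto end` fires after `buf = app_malloc(BUFSIZE, "I/O buffer");` has already run, so this early exit relies on the `end:` label releasing `buf` and on the function's return value already holding a failure code at that point; neither is visible in this hunk, so either confirm both at `end:` or move the `md == NULL` check above the allocation. The check itself is sound: `prog` comes from `opt_progname(argv[0])` and is looked up with `EVP_get_digestbyname(prog)`, so invoking the binary under a digest name that is not compiled in now reports "%s is not a known digest" instead of continuing with `md` unset. The `strcmp(prog, "dgst") != 0` guard is needed because the plain `dgst` name is expected to have no matching digest and falls through to option parsing.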