Pedro Monreal Gonzalez
8c598ed63d
* Add openssl-3-disable-hmac-hw-acceleration-with-engine-digest.patch * Add openssl-3-fix-hmac-digest-detection-s390x.patch * Add openssl-3-fix-memleak-s390x_HMAC_CTX_copy.patch - Add hardware acceleration for full AES-XTS jsc#PED-10273 * Add openssl-3-hw-acceleration-aes-xts-s390x.patch - Support MSA 12 SHA3 on s390x jsc#PED-10280 * Add openssl-3-add_EVP_DigestSqueeze_api.patch * Add openssl-3-support-multiple-sha3_squeeze_s390x.patch * Add openssl-3-add-xof-state-handling-s3_absorb.patch * Add openssl-3-fix-state-handling-sha3_absorb_s390x.patch * Add openssl-3-fix-state-handling-sha3_final_s390x.patch * Add openssl-3-fix-state-handling-shake_final_s390x.patch * Add openssl-3-fix-state-handling-keccak_final_s390x.patch * Add openssl-3-support-EVP_DigestSqueeze-in-digest-prov-s390x.patch * Add openssl-3-add-defines-CPACF-funcs.patch * Add openssl-3-add-hw-acceleration-hmac.patch * Add openssl-3-support-CPACF-sha3-shake-perf-improvement.patch * Add openssl-3-fix-s390x_sha3_absorb.patch * Add openssl-3-fix-s390x_shake_squeeze.patch - Update to 3.2.3: * Changes between 3.2.2 and 3.2.3: - Fixed possible denial of service in X.509 name checks. [CVE-2024-6119] - Fixed possible buffer overread in SSL_select_next_proto(). [CVE-2024-5535] * Changes between 3.2.1 and 3.2.2: - Fixed potential use after free after SSL_free_buffers() is called. [CVE-2024-4741] - Fixed an issue where checking excessively long DSA keys or parameters may OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=121
17 lines
697 B
Diff
17 lines
697 B
Diff
Index: openssl-3.1.4/crypto/rsa/rsa_sp800_56b_check.c
|
|
===================================================================
|
|
--- openssl-3.1.4.orig/crypto/rsa/rsa_sp800_56b_check.c
|
|
+++ openssl-3.1.4/crypto/rsa/rsa_sp800_56b_check.c
|
|
@@ -405,7 +405,10 @@ int ossl_rsa_sp800_56b_check_keypair(con
|
|
return 0;
|
|
}
|
|
/* (Step 3.b): check the modulus */
|
|
- if (nbits != BN_num_bits(rsa->n)) {
|
|
+ /* If nBits is not a positive even integer, output an indication of an
|
|
+ * invalid key pair, and exit without further processing.
|
|
+ */
|
|
+ if (nbits <= 0 || nbits % 2 || nbits != BN_num_bits(rsa->n)) {
|
|
ERR_raise(ERR_LIB_RSA, RSA_R_INVALID_KEYPAIR);
|
|
return 0;
|
|
}
|