SHA256
1
0
forked from pool/openssl-1_1
openssl-1_1/openssl-1.1.1w.tar.gz.asc
Pedro Monreal Gonzalez 18ecb7a582 - Build with no-afalgeng [bsc#1226463]
- Security fix: [bsc#1227138, CVE-2024-5535]
  * SSL_select_next_proto buffer overread
  * Add openssl-CVE-2024-5535.patch

- Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free
  security vulnerability. Calling the function SSL_free_buffers()
  potentially caused memory to be accessed that was previously
  freed in some situations and a malicious attacker could attempt
  to engineer a stituation where this occurs to facilitate a
  denial-of-service attack. [CVE-2024-4741, bsc#1225551]

OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=164
2024-07-25 08:07:48 +00:00

17 lines
833 B
Plaintext

-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE78CkZ9YTy4PH7W0w2JTizos9efUFAmT/H2QACgkQ2JTizos9
efVL8A//XiYVgTnhAtnBs8W5+8fTJ2WUh+lcG7I+GF1wi1PRMaA9YddmXu70b9VF
x5EOcAVo7RsjlQ/VeWUtVuyTjd6eXCzoKRlbAwo9YovEsWcIo5sb6lSzuN17bIJi
NOrALx3+TF7SZfuOdd/czohfJfFUX/5mfEmcrkwY67UvIDFgO6E04+S2eFnU9HdC
KEF4kK10IObHRfvnAj+nSfUrnq5xtAAIpj2PBg9GFIEIxKBU72vvJYGdJ0HKFN8/
352rNVIxGMXlwsAtWY2L09S0kt4iFST4fANM4CkxTnvloimmCtcWJvcst6tTgCMD
PKqXJ4hJpElzCVJJJBNQxz+T2dxc97Upvense/lkB6h8bwQgYaZNgk6B8UsSZyE8
5v1p1HcOCJBNKc8zW86a3RvGCfxOfjrFz2CC7QPdT84Rv4S/xeCeUqM5b63Ws7pZ
3kA5jHUkP0yXsVOjxdMdqlJxqQ1wE2Q459fklLnsoHERrEQtsoaEW0DG6Kgima58
YGwY8GxQ/QFLPxYRMjsfaLO54pdSlXa2EZ3nmL6WTY1ScdzN8K+huXz8Ok2lbi7O
oPZCVaDl8cpO9Kh8y5Hc8KAqCU72eTgx4kDGmEou9z//bl33fq0s5+PAjaz0XDvZ
gdOlsOngaAlvcVF50ZkVERBvfVb41O0uWD8MSk+vvBKQvuecrQ0=
=ZcG7
-----END PGP SIGNATURE-----