forked from pool/openssl-1_1
Pedro Monreal Gonzalez
18ecb7a582
- Security fix: [bsc#1227138, CVE-2024-5535] * SSL_select_next_proto buffer overread * Add openssl-CVE-2024-5535.patch - Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free security vulnerability. Calling the function SSL_free_buffers() potentially caused memory to be accessed that was previously freed in some situations and a malicious attacker could attempt to engineer a stituation where this occurs to facilitate a denial-of-service attack. [CVE-2024-4741, bsc#1225551] OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=164
24 lines
819 B
Diff
24 lines
819 B
Diff
diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h
|
|
index cbbfab1..7576de8 100644
|
|
--- a/include/openssl/opensslv.h
|
|
+++ b/include/openssl/opensslv.h
|
|
@@ -14,6 +14,9 @@
|
|
extern "C" {
|
|
#endif
|
|
|
|
+#define SUSE_OPENSSL_STRING_PARAM_FUNCA(x) #x
|
|
+#define SUSE_OPENSSL_STRING_PARAM_FUNCB(x) SUSE_OPENSSL_STRING_PARAM_FUNCA(x)
|
|
+
|
|
/*-
|
|
* Numeric release version identifier:
|
|
* MNNFFPPS: major minor fix patch status
|
|
@@ -40,7 +43,7 @@ extern "C" {
|
|
* major minor fix final patch/beta)
|
|
*/
|
|
# define OPENSSL_VERSION_NUMBER 0x1010117fL
|
|
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1w 11 Sep 2023"
|
|
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1w 11 Sep 2023 SUSE release " SUSE_OPENSSL_STRING_PARAM_FUNCB(SUSE_OPENSSL_RELEASE)
|
|
|
|
/*-
|
|
* The macros below are to be used for shared library (.so, .dll, ...)
|