forked from pool/openssl-1_1
Pedro Monreal Gonzalez
18ecb7a582
- Security fix: [bsc#1227138, CVE-2024-5535] * SSL_select_next_proto buffer overread * Add openssl-CVE-2024-5535.patch - Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free security vulnerability. Calling the function SSL_free_buffers() potentially caused memory to be accessed that was previously freed in some situations and a malicious attacker could attempt to engineer a stituation where this occurs to facilitate a denial-of-service attack. [CVE-2024-4741, bsc#1225551] OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=164
25 lines
729 B
Diff
25 lines
729 B
Diff
---
|
|
crypto/fips/fips_sli.c | 6 +++---
|
|
1 file changed, 3 insertions(+), 3 deletions(-)
|
|
|
|
--- a/crypto/fips/fips_sli.c
|
|
+++ b/crypto/fips/fips_sli.c
|
|
@@ -328,14 +328,14 @@ static FIPS_STATUS get_fips_keygen_ecdsa
|
|
BN_set_bit(pwr24, 24);
|
|
BN_set_bit(pwr32, 32);
|
|
|
|
- if (224 < n && n <= 255) {
|
|
+ if (224 <= n && n <= 255) {
|
|
if (BN_cmp(cofactor, pwr14) != 1)
|
|
ret = FIPS_APPROVED;
|
|
- } else if (256 < n && n <= 383) {
|
|
+ } else if (256 <= n && n <= 383) {
|
|
if (BN_cmp(cofactor, pwr16) != 1)
|
|
ret = FIPS_APPROVED;
|
|
|
|
- } else if (384 < n && n <= 511) {
|
|
+ } else if (384 <= n && n <= 511) {
|
|
if (BN_cmp(cofactor, pwr24) != 1)
|
|
ret = FIPS_APPROVED;
|
|
|