SHA256
1
0
forked from pool/openssl-1_1
openssl-1_1/openssl-1_1-shortcut-test_afalg_aes_cbc.patch
Pedro Monreal Gonzalez 18ecb7a582 - Build with no-afalgeng [bsc#1226463]
- Security fix: [bsc#1227138, CVE-2024-5535]
  * SSL_select_next_proto buffer overread
  * Add openssl-CVE-2024-5535.patch

- Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free
  security vulnerability. Calling the function SSL_free_buffers()
  potentially caused memory to be accessed that was previously
  freed in some situations and a malicious attacker could attempt
  to engineer a stituation where this occurs to facilitate a
  denial-of-service attack. [CVE-2024-4741, bsc#1225551]

OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=164
2024-07-25 08:07:48 +00:00

15 lines
427 B
Diff

diff --git a/test/afalgtest.c b/test/afalgtest.c
index adb2977..c4f848a 100644
--- a/test/afalgtest.c
+++ b/test/afalgtest.c
@@ -43,6 +43,9 @@ static ENGINE *e;
static int test_afalg_aes_cbc(int keysize_idx)
{
+ /* This test fails in fips mode, so just shortcut out. */
+ if ( FIPS_mode()) return 1;
+
EVP_CIPHER_CTX *ctx;
const EVP_CIPHER *cipher;
unsigned char key[] = "\x06\xa9\x21\x40\x36\xb8\xa1\x5b"