forked from pool/openssl-1_1
Pedro Monreal Gonzalez
18ecb7a582
- Security fix: [bsc#1227138, CVE-2024-5535] * SSL_select_next_proto buffer overread * Add openssl-CVE-2024-5535.patch - Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free security vulnerability. Calling the function SSL_free_buffers() potentially caused memory to be accessed that was previously freed in some situations and a malicious attacker could attempt to engineer a stituation where this occurs to facilitate a denial-of-service attack. [CVE-2024-4741, bsc#1225551] OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=164
23 lines
987 B
Diff
23 lines
987 B
Diff
Index: openssl-1.1.1-pre3/Configurations/unix-Makefile.tmpl
|
|
===================================================================
|
|
--- openssl-1.1.1-pre3.orig/Configurations/unix-Makefile.tmpl 2018-03-20 15:20:03.037124698 +0100
|
|
+++ openssl-1.1.1-pre3/Configurations/unix-Makefile.tmpl 2018-03-20 15:21:04.206084731 +0100
|
|
@@ -843,7 +843,7 @@ libcrypto.pc:
|
|
echo 'Version: '$(VERSION); \
|
|
echo 'Libs: -L$${libdir} -lcrypto'; \
|
|
echo 'Libs.private: $(LIB_EX_LIBS)'; \
|
|
- echo 'Cflags: -I$${includedir}' ) > libcrypto.pc
|
|
+ echo 'Cflags: -DOPENSSL_LOAD_CONF -I$${includedir}' ) > libcrypto.pc
|
|
|
|
libssl.pc:
|
|
@ ( echo 'prefix=$(INSTALLTOP)'; \
|
|
@@ -860,7 +860,7 @@ libssl.pc:
|
|
echo 'Version: '$(VERSION); \
|
|
echo 'Requires.private: libcrypto'; \
|
|
echo 'Libs: -L$${libdir} -lssl'; \
|
|
- echo 'Cflags: -I$${includedir}' ) > libssl.pc
|
|
+ echo 'Cflags: -DOPENSSL_LOAD_CONF -I$${includedir}' ) > libssl.pc
|
|
|
|
openssl.pc:
|
|
@ ( echo 'prefix=$(INSTALLTOP)'; \
|