forked from pool/openssl-1_1
Pedro Monreal Gonzalez
18ecb7a582
- Security fix: [bsc#1227138, CVE-2024-5535] * SSL_select_next_proto buffer overread * Add openssl-CVE-2024-5535.patch - Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free security vulnerability. Calling the function SSL_free_buffers() potentially caused memory to be accessed that was previously freed in some situations and a malicious attacker could attempt to engineer a stituation where this occurs to facilitate a denial-of-service attack. [CVE-2024-4741, bsc#1225551] OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=164
14 lines
551 B
Diff
14 lines
551 B
Diff
Index: openssl-1.1.1d/crypto/fips/build.info
|
|
===================================================================
|
|
--- openssl-1.1.1d.orig/crypto/fips/build.info 2020-01-23 13:45:11.232633025 +0100
|
|
+++ openssl-1.1.1d/crypto/fips/build.info 2020-01-23 13:45:11.432634214 +0100
|
|
@@ -7,7 +7,7 @@ SOURCE[../../libcrypto]=\
|
|
fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c \
|
|
fips_dh_selftest.c fips_ers.c
|
|
|
|
-PROGRAMS_NO_INST=\
|
|
+PROGRAMS=\
|
|
fips_standalone_hmac
|
|
|
|
SOURCE[fips_standalone_hmac]=fips_standalone_hmac.c
|