forked from pool/openssl
42aa3a9eb7
- security update: * CVE-2015-0209 (bnc#919648) - Fix a failure to NULL a pointer freed on error * CVE-2015-0286 (bnc#922496) - Segmentation fault in ASN1_TYPE_cmp * CVE-2015-0287 (bnc#922499) - ASN.1 structure reuse memory corruption * CVE-2015-0288 x509: (bnc#920236) - added missing public key is not NULL check * CVE-2015-0289 (bnc#922500) - PKCS7 NULL pointer dereferences * CVE-2015-0293 (bnc#922488) - Fix reachable assert in SSLv2 servers * added patches: openssl-CVE-2015-0209.patch openssl-CVE-2015-0286.patch openssl-CVE-2015-0287.patch openssl-CVE-2015-0288.patch openssl-CVE-2015-0289.patch openssl-CVE-2015-0293.patch (forwarded request 291606 from vitezslav_cizek) OBS-URL: https://build.opensuse.org/request/show/291607 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=126
26 lines
824 B
Diff
26 lines
824 B
Diff
commit 51527f1e3564f210e984fe5b654c45d34e4f03d7
|
|
Author: Dr. Stephen Henson <steve@openssl.org>
|
|
Date: Wed Feb 18 00:34:59 2015 +0000
|
|
|
|
Check public key is not NULL.
|
|
|
|
CVE-2015-0288
|
|
PR#3708
|
|
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
(cherry picked from commit 28a00bcd8e318da18031b2ac8778c64147cd54f9)
|
|
|
|
Index: openssl-1.0.1i/crypto/x509/x509_req.c
|
|
===================================================================
|
|
--- openssl-1.0.1i.orig/crypto/x509/x509_req.c 2015-03-17 13:22:30.712726374 +0100
|
|
+++ openssl-1.0.1i/crypto/x509/x509_req.c 2015-03-17 13:23:20.486453016 +0100
|
|
@@ -92,6 +92,8 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_
|
|
goto err;
|
|
|
|
pktmp = X509_get_pubkey(x);
|
|
+ if (pktmp == NULL)
|
|
+ goto err;
|
|
i=X509_REQ_set_pubkey(ret,pktmp);
|
|
EVP_PKEY_free(pktmp);
|
|
if (!i) goto err;
|