Fixes all relevant CVEs with patches from RHEL 7. Additionally made one further tweak for parallel installation with OpenSSL 3.x.
--- openssl-1.0.2u/crypto/x509/x509_cmp.c.cve-2021-23841 2019-12-20 14:02:41.000000000 +0000
|
|
+++ openssl-1.0.2u/crypto/x509/x509_cmp.c 2022-04-04 20:58:23.996994000 +0000
|
|
@@ -87,6 +87,8 @@
|
|
|
|
EVP_MD_CTX_init(&ctx);
|
|
f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0);
|
|
+ if (f == NULL)
|
|
+ goto err;
|
|
if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
|
|
goto err;
|
|
if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f)))
|