Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
compat-openssl098.11471
openssl-CVE-2015-0205.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-CVE-2015-0205.patch of Package compat-openssl098.11471
commit a4aa18879917d9bd45f52ac110c69303a852b7db Author: Dr. Stephen Henson <steve@openssl.org> Date: Tue Jan 6 14:28:34 2015 +0000 Fix typo. Fix typo in ssl3_get_cert_verify: we can only skip certificate verify message if certificate is absent. NB: OpenSSL 0.9.8 is NOT vulnerable to CVE-2015-0205 as it doesn't support DH certificates and this typo prohibits skipping of certificate verify message for sign only certificates anyway. Reviewed-by: Matt Caswell <matt@openssl.org> Index: openssl-0.9.8j/ssl/s3_srvr.c =================================================================== --- openssl-0.9.8j.orig/ssl/s3_srvr.c 2015-01-09 15:16:41.105398031 +0100 +++ openssl-0.9.8j/ssl/s3_srvr.c 2015-01-09 15:59:26.269916629 +0100 @@ -2359,7 +2359,7 @@ int ssl3_get_cert_verify(SSL *s) if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY) { s->s3->tmp.reuse_message=1; - if ((peer != NULL) && (type | EVP_PKT_SIGN)) + if (peer != NULL) { al=SSL_AD_UNEXPECTED_MESSAGE; SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor