Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
home:Alexander_Naumov:SLE-12:Update
openssl
openssl-CVE-2015-1788.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-CVE-2015-1788.patch of Package openssl
commit 4924b37ee01f71ae19c94a8934b80eeb2f677932 Author: Andy Polyakov <appro@openssl.org> Date: Thu Jun 11 00:18:01 2015 +0200 bn/bn_gf2m.c: avoid infinite loop wich malformed ECParamters. CVE-2015-1788 Reviewed-by: Matt Caswell <matt@openssl.org> Index: openssl-1.0.1i/crypto/bn/bn_gf2m.c =================================================================== --- openssl-1.0.1i.orig/crypto/bn/bn_gf2m.c 2015-06-12 09:46:24.360586854 +0200 +++ openssl-1.0.1i/crypto/bn/bn_gf2m.c 2015-06-12 09:48:11.218840146 +0200 @@ -568,9 +568,10 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIG } #else { - int i, ubits = BN_num_bits(u), - vbits = BN_num_bits(v), /* v is copy of p */ - top = p->top; + int i; + int ubits = BN_num_bits(u); + int vbits = BN_num_bits(v); /* v is copy of p */ + int top = p->top; BN_ULONG *udp,*bdp,*vdp,*cdp; bn_wexpand(u,top); udp = u->d; @@ -611,7 +612,12 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIG ubits--; } - if (ubits<=BN_BITS2 && udp[0]==1) break; + if (ubits <= BN_BITS2) { + if (udp[0] == 0) /* poly was reducible */ + goto err; + if (udp[0] == 1) + break; + } if (ubits<vbits) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor