Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Alexander_Naumov:SLE-12:Update
openssl
openssl-CVE-2016-6303.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-CVE-2016-6303.patch of Package openssl
commit 2b4029e68fd7002d2307e6c3cde0f3784eef9c83 Author: Dr. Stephen Henson <steve@openssl.org> Date: Fri Aug 19 23:28:29 2016 +0100 Avoid overflow in MDC2_Update() Thanks to Shi Lei for reporting this issue. CVE-2016-6303 Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 55d83bf7c10c7b205fffa23fa7c3977491e56c07) Index: openssl-1.0.1i/crypto/mdc2/mdc2dgst.c =================================================================== --- openssl-1.0.1i.orig/crypto/mdc2/mdc2dgst.c 2016-08-25 11:36:31.881125433 +0200 +++ openssl-1.0.1i/crypto/mdc2/mdc2dgst.c 2016-08-25 11:37:27.478005330 +0200 @@ -92,7 +92,7 @@ int MDC2_Update(MDC2_CTX *c, const unsig i=c->num; if (i != 0) { - if (i+len < MDC2_BLOCK) + if (len < MDC2_BLOCK - i) { /* partial block */ memcpy(&(c->data[i]),in,len);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor