From 63337cb41f2e8f086c461bdf736dce39509db68a Mon Sep 17 00:00:00 2001 From: Petr Kubat Date: Thu, 27 May 2021 15:59:48 +0200 Subject: [PATCH] Return error when ripemd160 is used with OpenSSL3 Resolves: #1962067 --- libarchive.spec | 6 +++++- openssl3-rmd160failure.patch | 15 +++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 openssl3-rmd160failure.patch diff --git a/libarchive.spec b/libarchive.spec index 200bc4a..572ae10 100644 --- a/libarchive.spec +++ b/libarchive.spec @@ -2,7 +2,7 @@ Name: libarchive Version: 3.5.1 -Release: 4%{?dist} +Release: 5%{?dist} Summary: A library for handling streaming archive formats License: BSD @@ -10,6 +10,7 @@ URL: https://www.libarchive.org/ Source0: https://libarchive.org/downloads/%{name}-%{version}.tar.gz Patch0: libarchive-3.5.1-fix-covscan-rhel-9.patch +Patch1: openssl3-rmd160failure.patch BuildRequires: automake BuildRequires: bison @@ -213,6 +214,9 @@ run_testsuite %changelog +* Thu May 27 2021 Petr Kubat - 3.5.1-5 +- Return error when ripemd160 is used with OpenSSL3 (#1962067) + * Mon May 10 2021 Ondrej Dubaj - 3.5.1-4 - Fixed covscan issues (#1938755) diff --git a/openssl3-rmd160failure.patch b/openssl3-rmd160failure.patch new file mode 100644 index 0000000..4ae0f30 --- /dev/null +++ b/openssl3-rmd160failure.patch @@ -0,0 +1,15 @@ +--- libarchive-3.5.1/libarchive/archive_digest.c.old 2021-05-27 15:46:54.988302284 +0200 ++++ libarchive-3.5.1/libarchive/archive_digest.c 2021-05-27 15:50:03.519746886 +0200 +@@ -432,9 +432,11 @@ + static int + __archive_ripemd160init(archive_rmd160_ctx *ctx) + { ++ int ret; + if ((*ctx = EVP_MD_CTX_new()) == NULL) + return (ARCHIVE_FAILED); +- EVP_DigestInit(*ctx, EVP_ripemd160()); ++ if (!(ret = EVP_DigestInit(*ctx, EVP_ripemd160()))) ++ return (ARCHIVE_FAILED); + return (ARCHIVE_OK); + } +