- CVE-2006-2940 fix was incorrect (#208744)

This commit is contained in:
Tomáš Mráz 2006-10-02 08:37:59 +00:00
parent 6dc7017559
commit 98d8457650
2 changed files with 5 additions and 2 deletions

View File

@ -53,7 +53,7 @@ diff -u -r1.24.2.3 dh_key.c
+ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) + if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
+ { + {
+ DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE); + DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
+ goto err; + return -1;
+ } + }
+ +
ctx = BN_CTX_new(); ctx = BN_CTX_new();

View File

@ -21,7 +21,7 @@
Summary: The OpenSSL toolkit Summary: The OpenSSL toolkit
Name: openssl Name: openssl
Version: 0.9.8b Version: 0.9.8b
Release: 7 Release: 8
Source: openssl-%{version}-usa.tar.bz2 Source: openssl-%{version}-usa.tar.bz2
Source1: hobble-openssl Source1: hobble-openssl
Source2: Makefile.certificate Source2: Makefile.certificate
@ -363,6 +363,9 @@ rm -rf $RPM_BUILD_ROOT/%{_bindir}/openssl_fips_fingerprint
%postun -p /sbin/ldconfig %postun -p /sbin/ldconfig
%changelog %changelog
* Mon Oct 2 2006 Tomas Mraz <tmraz@redhat.com> 0.9.8b-8
- CVE-2006-2940 fix was incorrect (#208744)
* Mon Sep 25 2006 Tomas Mraz <tmraz@redhat.com> 0.9.8b-7 * Mon Sep 25 2006 Tomas Mraz <tmraz@redhat.com> 0.9.8b-7
- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276) - fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)
- fix CVE-2006-2940 - parasitic public keys DoS (#207274) - fix CVE-2006-2940 - parasitic public keys DoS (#207274)