CVE-2022-1473 openssl: OPENSSL_LH_flush() breaks reuse of memory
Resolves: rhbz#2089444
This commit is contained in:
parent
b5de6bd830
commit
ac312e8ff7
13
0063-CVE-2022-1473.patch
Normal file
13
0063-CVE-2022-1473.patch
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c
|
||||||
|
index 2a574fbfe6aa..16f482db68a9 100644
|
||||||
|
--- a/crypto/lhash/lhash.c
|
||||||
|
+++ b/crypto/lhash/lhash.c
|
||||||
|
@@ -100,6 +100,8 @@ void OPENSSL_LH_flush(OPENSSL_LHASH *lh)
|
||||||
|
}
|
||||||
|
lh->b[i] = NULL;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ lh->num_items = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
void *OPENSSL_LH_insert(OPENSSL_LHASH *lh, void *data)
|
@ -29,7 +29,7 @@ print(string.sub(hash, 0, 16))
|
|||||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||||
Name: openssl
|
Name: openssl
|
||||||
Version: 3.0.1
|
Version: 3.0.1
|
||||||
Release: 32%{?dist}
|
Release: 33%{?dist}
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
# We have to remove certain patented algorithms from the openssl source
|
# We have to remove certain patented algorithms from the openssl source
|
||||||
# tarball with the hobble-openssl script which is included below.
|
# tarball with the hobble-openssl script which is included below.
|
||||||
@ -119,6 +119,8 @@ Patch60: 0060-FIPS-KAT-signature-tests.patch
|
|||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2087147
|
# https://bugzilla.redhat.com/show_bug.cgi?id=2087147
|
||||||
Patch61: 0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch
|
Patch61: 0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch
|
||||||
Patch62: 0062-Disable-EVP_PKEY_-sign-verify-in-FIPS-provider.patch
|
Patch62: 0062-Disable-EVP_PKEY_-sign-verify-in-FIPS-provider.patch
|
||||||
|
# https://github.com/openssl/openssl/pull/18141
|
||||||
|
Patch63: 0063-CVE-2022-1473.patch
|
||||||
|
|
||||||
License: ASL 2.0
|
License: ASL 2.0
|
||||||
URL: http://www.openssl.org/
|
URL: http://www.openssl.org/
|
||||||
@ -449,6 +451,10 @@ install -m644 %{SOURCE9} \
|
|||||||
%ldconfig_scriptlets libs
|
%ldconfig_scriptlets libs
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu May 26 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-33
|
||||||
|
- CVE-2022-1473 openssl: OPENSSL_LH_flush() breaks reuse of memory
|
||||||
|
- Resolves: rhbz#2089444
|
||||||
|
|
||||||
* Thu May 19 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-32
|
* Thu May 19 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-32
|
||||||
- `openssl ecparam -list_curves` lists only FIPS-approved curves in FIPS mode
|
- `openssl ecparam -list_curves` lists only FIPS-approved curves in FIPS mode
|
||||||
- Resolves: rhbz#2083240
|
- Resolves: rhbz#2083240
|
||||||
|
Loading…
Reference in New Issue
Block a user