Search
j0ke.net Open Build Service
>
Projects
>
home:netmax
:
monitoring
>
openssl1
> openssl-CVE-2015-0288.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File openssl-CVE-2015-0288.patch of Package openssl1
commit 51527f1e3564f210e984fe5b654c45d34e4f03d7 Author: Dr. Stephen Henson <steve@openssl.org> Date: Wed Feb 18 00:34:59 2015 +0000 Check public key is not NULL. CVE-2015-0288 PR#3708 Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 28a00bcd8e318da18031b2ac8778c64147cd54f9) Index: openssl-1.0.1i/crypto/x509/x509_req.c =================================================================== --- openssl-1.0.1i.orig/crypto/x509/x509_req.c 2015-03-17 13:22:30.712726374 +0100 +++ openssl-1.0.1i/crypto/x509/x509_req.c 2015-03-17 13:23:20.486453016 +0100 @@ -92,6 +92,8 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_ goto err; pktmp = X509_get_pubkey(x); + if (pktmp == NULL) + goto err; i=X509_REQ_set_pubkey(ret,pktmp); EVP_PKEY_free(pktmp); if (!i) goto err;