Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 418584 Details for
Bug 567564
<dev-libs/libressl-2.2.4-r1: NULL Pointer dereference in client certification validation (CVE-2015-3194)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for use in tree.
libressl-CVE-2015-3194.patch (text/plain), 862 bytes, created by
Aric Belsito
on 2015-12-05 03:08:47 UTC
(
hide
)
Description:
Patch for use in tree.
Filename:
MIME Type:
Creator:
Aric Belsito
Created:
2015-12-05 03:08:47 UTC
Size:
862 bytes
patch
obsolete
>OpenBSD 5.8 errata 9, Dec 3, 2015: > >CVE-2015-3194 - NULL pointer dereference in client certificate validation > make install > >=================================================================== >diff -Naurwp libressl.orig/crypto/rsa/rsa_ameth.c libressl/crypto/rsa/rsa_ameth.c >--- libressl.orig/crypto/rsa/rsa_ameth.c 2015-09-11 00:32:56.000000000 -0700 >+++ libressl/crypto/rsa/rsa_ameth.c 2015-12-04 18:56:55.250157042 -0800 >@@ -298,7 +298,7 @@ rsa_pss_decode(const X509_ALGOR *alg, X5 > if (pss->maskGenAlgorithm) { > ASN1_TYPE *param = pss->maskGenAlgorithm->parameter; > if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) == NID_mgf1 && >- param->type == V_ASN1_SEQUENCE) { >+ param && param->type == V_ASN1_SEQUENCE) { > p = param->value.sequence->data; > plen = param->value.sequence->length; > *pmaskHash = d2i_X509_ALGOR(NULL, &p, plen);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=418584">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 567564
: 418584
