diff options
Diffstat (limited to 'dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch')
-rw-r--r-- | dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch b/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch new file mode 100644 index 000000000000..a6a10b0a2ca1 --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch @@ -0,0 +1,31 @@ +https://bugs.gentoo.org/542038 + +From 28a00bcd8e318da18031b2ac8778c64147cd54f9 Mon Sep 17 00:00:00 2001 +From: "Dr. Stephen Henson" <steve@openssl.org> +Date: Wed, 18 Feb 2015 00:34:59 +0000 +Subject: [PATCH] Check public key is not NULL. + +CVE-2015-0288 +PR#3708 + +Reviewed-by: Matt Caswell <matt@openssl.org> +--- + crypto/x509/x509_req.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c +index bc6e566..01795f4 100644 +--- a/crypto/x509/x509_req.c ++++ b/crypto/x509/x509_req.c +@@ -92,6 +92,8 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) + goto err; + + pktmp = X509_get_pubkey(x); ++ if (pktmp == NULL) ++ goto err; + i = X509_REQ_set_pubkey(ret, pktmp); + EVP_PKEY_free(pktmp); + if (!i) +-- +2.3.1 + |