fix missing initialization of variable in CHIL engine

Tomas Mraz 2011-09-21 17:34:13 +02:00
parent edb70644c7
commit e4008f0b0e
2 changed files with 30 additions and 1 deletions


@ -0,0 +1,24 @@
diff -up openssl-1.0.0e/engines/e_chil.c.chil openssl-1.0.0e/engines/e_chil.c
--- openssl-1.0.0e/engines/e_chil.c.chil 2010-06-15 19:25:12.000000000 +0200
+++ openssl-1.0.0e/engines/e_chil.c 2011-09-21 17:32:03.000000000 +0200
@@ -1261,6 +1261,11 @@ static int hwcrhk_insert_card(const char
UI *ui;
void *callback_data = NULL;
UI_METHOD *ui_method = NULL;
+ /* Despite what the documentation says prompt_info can be
+ * an empty string.
+ */
+ if (prompt_info && !*prompt_info)
+ prompt_info = NULL;
if (cactx)
{
@@ -1287,7 +1292,7 @@ static int hwcrhk_insert_card(const char
if (ui)
{
- char answer;
+ char answer = '\0';
char buf[BUFSIZ];
/* Despite what the documentation says wrong_info can be
* an empty string.
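Review bot: The initializer `char answer = '\0';` in the second hunk is the fix the commit title names, but nothing at that line says which path leaves `answer` unwritten. The first hunk now turns an empty `prompt_info` into NULL, which presumably makes it more likely that the prompt filling `answer` is skipped, so the two changes depend on each other. A comment such as `/* only written when the insert-card prompt is queued; must be defined when it is compared later */` would record that. The code that reads `answer` lies outside the hunk, so confirm it before adding the comment. The patch file also has no header text describing the uninitialized read, which makes the change harder to audit when the package is rebased.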


@ -21,7 +21,7 @@
Summary: A general purpose cryptography library with TLS implementation
Name: openssl
Version: 1.0.0e
Release: 1%{?dist}
Release: 2%{?dist}
# We remove certain patented algorithms from the openssl source tarball
# with the hobble-openssl script which is included below.
Source: openssl-%{version}-usa.tar.bz2
@ -75,6 +75,7 @@ Patch61: openssl-1.0.0d-cavs.patch
Patch62: openssl-1.0.0-fips-aesni.patch
Patch63: openssl-1.0.0d-xmpp-starttls.patch
Patch64: openssl-1.0.0d-intelopts.patch
Patch65: openssl-1.0.0e-chil-fixes.patch
# Backported fixes including security fixes
Patch81: openssl-1.0.0d-padlock64.patch
@ -171,6 +172,7 @@ from other formats to the formats used by the OpenSSL toolkit.
%patch62 -p1 -b .fips-aesni
%patch63 -p1 -b .starttls
%patch64 -p1 -b .intelopts
%patch65 -p1 -b .chil
%patch81 -p1 -b .padlock64
@ -422,6 +424,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
%postun -p /sbin/ldconfig
%changelog
* Wed Sep 21 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0e-2
- fix missing initialization of variable in CHIL engine
* Wed Sep 7 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0e-1
- new upstream release fixing CVE-2011-3207 (#736088)