git.ipfire.org Git - people/stevee/ipfire-2.x.git/commit

author	Michael Tremer <michael.tremer@ipfire.org>
	Mon, 26 Sep 2016 13:37:20 +0000 (14:37 +0100)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Mon, 26 Sep 2016 13:37:20 +0000 (14:37 +0100)
commit	78c3ea61b29ed527e4854f2f03ca0614888f5dd1
tree	e7f140cef6f5389fa65c3a58a4b4c7d2605bc2e3	tree \| snapshot
parent	def1ad3e948a8473c2443985b234180238aaf66a	commit \| diff

openssl: Update to 1.0.2j

Missing CRL sanity check (CVE-2016-7052)
========================================

Severity: Moderate

This issue only affects OpenSSL 1.0.2i, released on 22nd September 2016.

A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0
but was omitted from OpenSSL 1.0.2i. As a result any attempt to use
CRLs in OpenSSL 1.0.2i will crash with a null pointer exception.

OpenSSL 1.0.2i users should upgrade to 1.0.2j

The issue was reported to OpenSSL on 22nd September 2016 by Bruce Stephens and
Thomas Jakobi. The fix was developed by Matt Caswell of the OpenSSL development
team.

https://www.openssl.org/news/secadv/20160926.txt

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>