]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ce65f86) | patch
openssl: Fix CVE-2024-0727
authorvirendra thakur <thakur.virendra1810@gmail.com>
Fri, 22 Mar 2024 05:35:24 +0000 (11:05 +0530)
committerSteve Sakoman <steve@sakoman.com>
Mon, 1 Apr 2024 15:28:29 +0000 (05:28 -1000)
commit18eb56925878a67ca1d7ce3eb9092f611023bc23
tree1d9ce534952346b3354afcb36a4844b5253580e5tree | snapshot
parentce65f86c55ecf2c0e52564488e0237ba24429c45commit | diff
openssl: Fix CVE-2024-0727

PKCS12 structures contain PKCS7 ContentInfo fields. These fields are
optional and can be NULL even if the "type" is a valid value. OpenSSL
was not properly accounting for this and a NULL dereference can occur
causing a crash.

Signed-off-by: virendra thakur <virendrak@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-connectivity/openssl/openssl/CVE-2024-0727.patch [new file with mode: 0644] blob
meta/recipes-connectivity/openssl/openssl_1.1.1w.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core