mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-07-22 02:35:23 +03:00
21 lines
715 B
Diff
21 lines
715 B
Diff
OpenBSD 7.2 errata 018, February 7, 2023:
|
|
|
|
A malicious certificate revocation list or timestamp response token would
|
|
allow an attacker to read arbitrary memory.
|
|
|
|
https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig
|
|
|
|
diff --git a/crypto/x509/x509_genn.c b/crypto/x509/x509_genn.c
|
|
index dadf6f1e4..1905e8cac 100644
|
|
--- a/crypto/x509/x509_genn.c
|
|
+++ b/crypto/x509/x509_genn.c
|
|
@@ -366,7 +366,8 @@ GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
|
|
return -1;
|
|
switch (a->type) {
|
|
case GEN_X400:
|
|
- result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address);
|
|
+ result = ASN1_STRING_cmp((ASN1_STRING *)a->d.x400Address,
|
|
+ (ASN1_STRING *)b->d.x400Address);
|
|
break;
|
|
|
|
case GEN_EDIPARTY:
|