openssl: Fix CVE-2024-0727 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	virendra thakur <thakur.virendra1810@gmail.com>	2024-03-22 11:05:24 +0530
committer	Steve Sakoman <steve@sakoman.com>	2024-04-05 06:34:42 -0700
commit	f010cd7f241f37a70aca71a0d9de48321ac0579c (patch)
tree	637fa5c1d67ce445006c9f8a2a9c153c61bf972d /documentation/sphinx/yocto-vars.py
parent	dbb4e8a5ccaa1d2f7c64f656fcce516da78d545c (diff)
download	poky-f010cd7f241f37a70aca71a0d9de48321ac0579c.tar.gz

openssl: Fix CVE-2024-0727

PKCS12 structures contain PKCS7 ContentInfo fields. These fields are optional and can be NULL even if the "type" is a valid value. OpenSSL was not properly accounting for this and a NULL dereference can occur causing a crash. (From OE-Core rev: 18eb56925878a67ca1d7ce3eb9092f611023bc23) Signed-off-by: virendra thakur <virendrak@kpit.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'documentation/sphinx/yocto-vars.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: