Skip to content

Commit

Permalink
OpenSSL: Update to version 1.1.1j
Browse files Browse the repository at this point in the history 
This has an important fix:

* Fixed the X509_issuer_and_serial_hash() function. It attempts to
  create a unique hash value based on the issuer and serial number data
  contained within an X509 certificate. However it was failing to
  correctly handle any errors that may occur while parsing the issuer
  field (which might occur if the issuer field is maliciously
  constructed). This may subsequently result in a NULL pointer deref and
  a crash leading to a potential denial of service attack.
  ([CVE-2021-23841])

There are more security fixes, but they do not affect us.
  • Loading branch information
@EchterAgo
EchterAgo committed Mar 23, 2021
1 parent 3c11ede commit c44d2aa
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion contrib/openssl
Submodule openssl updated 90 files
+37 −4 .github/workflows/ci.yml
+0 −311 .travis.yml
+7 −0 AUTHORS
+37 −0 CHANGES
+2 −2 CONTRIBUTING
+1 −0 Configurations/10-main.conf
+15 −21 Configurations/descrip.mms.tmpl
+16 −13 Configure
+8 −7 INSTALL
+10 −0 NEWS
+10 −2 NOTES.VMS
+2 −2 NOTES.WIN
+1 −1 README
+19 −0 VMS/msg_install.com
+37 −0 VMS/msg_staging.com
+21 −32 apps/ca.c
+18 −1 crypto/armcap.c
+1 −1 crypto/asn1/charmap.h
+1 −1 crypto/bn/bn_prime.h
+15 −1 crypto/conf/conf_def.c
+1 −1 crypto/conf/conf_def.h
+30 −3 crypto/dh/dh_key.c
+2 −1 crypto/err/openssl.txt
+27 −0 crypto/evp/evp_enc.c
+3 −1 crypto/evp/evp_err.c
+7 −1 crypto/mem_sec.c
+1 −1 crypto/objects/obj_dat.h
+1 −1 crypto/objects/obj_xref.h
+8 −5 crypto/poly1305/asm/poly1305-armv4.pl
+19 −1 crypto/ppccap.c
+8 −2 crypto/rsa/rsa_ssl.c
+9 −4 crypto/srp/srp_lib.c
+14 −10 crypto/x509/x509_cmp.c
+6 −9 crypto/x509/x509_vfy.c
+2 −2 crypto/x509/x_all.c
+4 −1 crypto/x509/x_attrib.c
+9 −5 crypto/x509v3/v3_purp.c
+2 −2 doc/man1/ca.pod
+2 −2 doc/man1/cms.pod
+2 −2 doc/man1/crl2pkcs7.pod
+2 −2 doc/man1/dgst.pod
+3 −3 doc/man1/dsa.pod
+3 −3 doc/man1/ec.pod
+2 −2 doc/man1/enc.pod
+2 −2 doc/man1/genpkey.pod
+2 −2 doc/man1/genrsa.pod
+5 −9 doc/man1/pkcs12.pod
+3 −3 doc/man1/pkcs8.pod
+3 −3 doc/man1/pkey.pod
+2 −2 doc/man1/pkeyutl.pod
+3 −3 doc/man1/req.pod
+3 −3 doc/man1/rsa.pod
+2 −2 doc/man1/s_client.pod
+2 −2 doc/man1/s_server.pod
+2 −2 doc/man1/smime.pod
+2 −2 doc/man1/spkac.pod
+2 −2 doc/man1/storeutl.pod
+2 −2 doc/man1/ts.pod
+2 −2 doc/man1/x509.pod
+22 −5 doc/man3/DH_generate_key.pod
+23 −5 doc/man3/OCSP_sendreq_new.pod
+1 −1 doc/man3/OPENSSL_malloc.pod
+8 −3 doc/man3/X509_get_extension_flags.pod
+ fuzz/corpora/x509/f5ded9e25448f6f47349d012eda2eb4fccbc7c76
+2 −0 fuzz/x509.c
+3 −4 include/openssl/evperr.h
+1 −1 include/openssl/obj_mac.h
+2 −2 include/openssl/opensslv.h
+4 −3 include/openssl/x509v3.h
+6 −5 ssl/d1_lib.c
+4 −1 ssl/record/rec_layer_d1.c
+1 −2 ssl/ssl_local.h
+3 −2 ssl/statem/extensions.c
+1 −2 ssl/statem/statem_clnt.c
+13 −2 ssl/statem/statem_lib.c
+2 −2 test/build.info
+21 −0 test/certs/ca-pss-cert.pem
+28 −0 test/certs/ca-pss-key.pem
+21 −0 test/certs/ee-pss-cert.pem
+19 −0 test/certs/invalid-cert.pem
+18 −6 test/certs/mkcert.sh
+9 −4 test/certs/setup.sh
+5 −2 test/recipes/25-test_verify.t
+3 −2 test/recipes/70-test_verify_extra.t
+9 −6 test/recipes/80-test_x509aux.t
+47 −58 test/rsa_test.c
+59 −0 test/sslapitest.c
+1 −1 test/v3nametest.c
+51 −4 test/verify_extra_test.c
+12 −7 test/x509aux.c

0 comments on commit c44d2aa

Please sign in to comment.