aboutsummaryrefslogtreecommitdiffstats
path: root/main/libressl/fix-CVE-2017-8301.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/libressl/fix-CVE-2017-8301.patch')
-rw-r--r--main/libressl/fix-CVE-2017-8301.patch32
1 files changed, 0 insertions, 32 deletions
diff --git a/main/libressl/fix-CVE-2017-8301.patch b/main/libressl/fix-CVE-2017-8301.patch
deleted file mode 100644
index c6684b25d0..0000000000
--- a/main/libressl/fix-CVE-2017-8301.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From: Jakub Jirutka <jakub@jirutka.cz>
-Date: Thu, 27 Apr 2017 20:02:00 +0200
-Subject: [PATCH] Fix CVE-2017-8301
-
-This patch reverts commit ddd98f8ea741a122952185a36c1396c14c2fda74
-that introduced the vulnerability.
-
-See also:
-
-* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8301
-* https://github.com/libressl-portable/portable/issues/307
-* https://github.com/libressl-portable/openbsd/commit/ddd98f8ea741a122952185a36c1396c14c2fda74
-
---- a/crypto/x509/x509_vfy.c
-+++ b/crypto/x509/x509_vfy.c
-@@ -541,15 +541,7 @@
- /* Safety net, error returns must set ctx->error */
- if (ok <= 0 && ctx->error == X509_V_OK)
- ctx->error = X509_V_ERR_UNSPECIFIED;
--
-- /*
-- * Safety net, if user provided verify callback indicates sucess
-- * make sure they have set error to X509_V_OK
-- */
-- if (ctx->verify_cb != null_callback && ok == 1)
-- ctx->error = X509_V_OK;
--
-- return(ctx->error == X509_V_OK);
-+ return ok;
- }
-
- /* Given a STACK_OF(X509) find the issuer of cert (if any)
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-28 13:45:07 +0000