Bug 1301691
Summary: | openssl: verify function ignores X509_V_ERR_INVALID_PURPOSE in verify callback | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Adam Mariš <amaris> | ||||||||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||||||||
Status: | CLOSED NOTABUG | QA Contact: | |||||||||||
Severity: | medium | Docs Contact: | |||||||||||
Priority: | medium | ||||||||||||
Version: | unspecified | CC: | bbaranow, bmaxwell, cdewolf, cheimes, csutherl, dandread, darran.lofthouse, dknox, jason.greene, jawilson, jclere, jdoyle, lgao, mbabacek, myarboro, osoukup, pgier, psakar, pslavice, rsvoboda, security-response-team, tmraz, twalsh, vtunka, weli | ||||||||||
Target Milestone: | --- | Keywords: | Security | ||||||||||
Target Release: | --- | ||||||||||||
Hardware: | All | ||||||||||||
OS: | Linux | ||||||||||||
Whiteboard: | |||||||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||||||
Doc Text: | Story Points: | --- | |||||||||||
Clone Of: | Environment: | ||||||||||||
Last Closed: | 2017-03-24 06:45:51 UTC | Type: | --- | ||||||||||
Regression: | --- | Mount Type: | --- | ||||||||||
Documentation: | --- | CRM: | |||||||||||
Verified Versions: | Category: | --- | |||||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||||
Embargoed: | |||||||||||||
Bug Depends On: | |||||||||||||
Bug Blocks: | 1301692 | ||||||||||||
Attachments: |
|
Description
Adam Mariš
2016-01-25 17:19:15 UTC
Created attachment 1127332 [details]
Proposed upstream patch 1
Created attachment 1127333 [details]
Proposed upstream patch 2
Created attachment 1127335 [details]
Proposed upstream patch 3
Created attachment 1127336 [details]
Proposed upstream patch 4
This patch was applied to upstream master branch to fix this issue: https://github.com/openssl/openssl/commit/33cc5dde478ba5ad79f8fd4acd8737f0e60e236e |