webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-25 18:32:57 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
dc871930f600677514cefca5fb7befa4e809442e
bpfire/lfs/openssl
Adolf Belka a694737a13 openssl: Update to version 1.1.1o 
- Update from version 1.1.1n to 1.1.1o
- Update of rootfile not required
- This patch is to go into CU168 as this update is for fixing a moderate severity CVE
- Changelog
   1.1.1o [3 May 2022]
	    (CVE-2022-1292)
	    Fixed a bug in the c_rehash script which was not properly sanitising shell
	    metacharacters to prevent command injection.  This script is distributed by
	    some operating systems in a manner where it is automatically executed.  On
	    such operating systems, an attacker could execute arbitrary commands with the
	    privileges of the script.
	    Use of the c_rehash script is considered obsolete and should be replaced
	    by the OpenSSL rehash command line tool.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
2022-05-05 14:18:34 +00:00

4.1 KiB
Raw Blame History

View Raw
Reference in New Issue View Git Blame Copy Permalink