x509name: fix OpenSSL::X509::Name#{cmp,<=>} - ruby-openssl.git

diff options

author	Kazuki Yamaguchi <k@rhe.jp>	2018-07-27 17:01:04 +0900
committer	Kazuki Yamaguchi <k@rhe.jp>	2018-10-17 16:42:36 +0900
commit	f653cfa43f0f20e8c440122ea982382b6228e7f5 (patch)
tree	4808109f2ccee9349d5b69caba292092f1c8bc3b /test/test_x509req.rb
parent	1f90516e32ecd755d592002585e97cb78752eae2 (diff)
download	ruby-openssl-ky/x509name-cmp-bugfix.tar.gz

x509name: fix OpenSSL::X509::Name#{cmp,<=>}ky/x509name-cmp-bugfix

Fix wrong use of X509_NAME_cmp() return value. OpenSSL::X509::Name#<=> could return 0 when the two objects aren't identical. Reported by Tyler Eckstein. CVE-2018-16395. Reference: https://hackerone.com/reports/387250

Diffstat (limited to 'test/test_x509req.rb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: