annotate OrthancFramework/Resources/Patches/openssl-1.1.1k.patch @ 5428:8174e45f48d8

Upgraded minizip library to stay away from CVE-2023-45853
author Alain Mazy <am@osimis.io>
date Fri, 17 Nov 2023 08:58:40 +0100
parents 0524d6e93672
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4635
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
1 diff -urEb openssl-1.1.1k.orig/crypto/rand/rand_unix.c openssl-1.1.1k/crypto/rand/rand_unix.c
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
2 --- openssl-1.1.1k.orig/crypto/rand/rand_unix.c 2021-04-21 11:33:05.241258372 +0200
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
3 +++ openssl-1.1.1k/crypto/rand/rand_unix.c 2021-04-21 11:34:48.705287133 +0200
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
4 @@ -455,6 +455,7 @@
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
5 * system call and this should always succeed which renders
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
6 * this alternative but essentially identical source moot.
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
7 */
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
8 +#if !defined(__LSB_VERSION__) // "syscall()" is not available in LSB
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
9 if (uname(&un) == 0) {
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
10 kernel[0] = atoi(un.release);
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
11 p = strchr(un.release, '.');
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
12 @@ -465,6 +466,7 @@
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
13 return 0;
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
14 }
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
15 }
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
16 +#endif
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
17 /* Open /dev/random and wait for it to be readable */
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
18 if ((fd = open(DEVRANDOM_WAIT, O_RDONLY)) != -1) {
0524d6e93672 upgrade to openssl 1.1.1k
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
19 if (DEVRANDM_WAIT_USE_SELECT && fd < FD_SETSIZE) {