[Bug 1994165] Re: CMS_final: do not ignore CMS_dataFinal result

Benjamin Drung 1994165 at bugs.launchpad.net
Wed Oct 26 12:45:01 UTC 2022 

"git tag --contains 67c0460b89cc1b0644a1a59af78284dfd8d720af" shows that
no release contains the upstream commit yet.

** Description changed:

  https://github.com/openssl/openssl/pull/18876
  
  The CMS_dataFinal result is important as signature may fail, however, it
  is ignored while returning success from CMS_final.
  
- 
  Please add this fix to The openssl 3.0.2 "Jammy Jellyfish (supported)"
  
  Thanks
+ 
+ Upstream commit:
+ 
+ ```
+ commit 67c0460b89cc1b0644a1a59af78284dfd8d720af
+ Author: Alon Bar-Lev <alon.barlev at gmail.com>
+ Date:   Tue Jul 26 15:17:06 2022 +0300
+ 
+     Handle SMIME_crlf_copy return code
+     
+     Currently the SMIME_crlf_copy result is ignored in all usages. It does
+     return failure when memory allocation fails.
+     
+     This patch handles the SMIME_crlf_copy return code in all occurrences.
+     
+     Signed-off-by: Alon Bar-Lev <alon.barlev at gmail.com>
+     
+     Reviewed-by: Tomas Mraz <tomas at openssl.org>
+     Reviewed-by: Paul Dale <pauli at openssl.org>
+     Reviewed-by: Hugo Landau <hlandau at openssl.org>
+     (Merged from https://github.com/openssl/openssl/pull/18876)
+ ```

** Changed in: openssl (Ubuntu)
       Status: New => Triaged

** Changed in: openssl (Ubuntu)
   Importance: Undecided => Medium

** Also affects: openssl (Ubuntu Kinetic)
   Importance: Medium
       Status: Triaged

** Also affects: openssl (Ubuntu Jammy)
   Importance: Undecided
       Status: New

** Changed in: openssl (Ubuntu Jammy)
       Status: New => Triaged

** Changed in: openssl (Ubuntu Jammy)
   Importance: Undecided => High

** Changed in: openssl (Ubuntu Jammy)
   Importance: High => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1994165

Title:
  CMS_final: do not ignore CMS_dataFinal result

Status in openssl package in Ubuntu:
  Triaged
Status in openssl source package in Jammy:
  Triaged
Status in openssl source package in Kinetic:
  Triaged

Bug description:
  https://github.com/openssl/openssl/pull/18876

  The CMS_dataFinal result is important as signature may fail, however, it
  is ignored while returning success from CMS_final.

  Please add this fix to The openssl 3.0.2 "Jammy Jellyfish (supported)"

  Thanks

  Upstream commit:

  ```
  commit 67c0460b89cc1b0644a1a59af78284dfd8d720af
  Author: Alon Bar-Lev <alon.barlev at gmail.com>
  Date:   Tue Jul 26 15:17:06 2022 +0300

      Handle SMIME_crlf_copy return code
      
      Currently the SMIME_crlf_copy result is ignored in all usages. It does
      return failure when memory allocation fails.
      
      This patch handles the SMIME_crlf_copy return code in all occurrences.
      
      Signed-off-by: Alon Bar-Lev <alon.barlev at gmail.com>
      
      Reviewed-by: Tomas Mraz <tomas at openssl.org>
      Reviewed-by: Paul Dale <pauli at openssl.org>
      Reviewed-by: Hugo Landau <hlandau at openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/18876)
  ```

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1994165/+subscriptions

More information about the foundations-bugs mailing list