[Bug 1994165] Re: CMS_final: do not ignore CMS_dataFinal result

Sat Sep 16 16:05:16 UTC 2023

Hi
It seems that the issue is solved.
Thanks

On Tue, Sep 12, 2023 at 12:16 PM Adrien Nader <1994165 at bugs.launchpad.net>
wrote:

> I've created a PPA for Jammy that incorporates the fix mentionned. The
> details are available at
> https://launchpad.net/~adrien-n/+archive/ubuntu/openssl-jammy-sru .
> Could you test it and confirm your issue is solved?
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1994165
>
> Title:
>   CMS_final: do not ignore CMS_dataFinal result
>
> Status in openssl package in Ubuntu:
>   Fix Released
> Status in openssl source package in Jammy:
>   In Progress
> Status in openssl source package in Kinetic:
>   Won't Fix
> Status in openssl source package in Lunar:
>   Fix Released
>
> Bug description:
>   https://github.com/openssl/openssl/pull/18876
>
>   The CMS_dataFinal result is important as signature may fail, however, it
>   is ignored while returning success from CMS_final.
>
>   Please add this fix to The openssl 3.0.2 "Jammy Jellyfish (supported)"
>
>   Thanks
>
>   Upstream commit:
>
>   ```
>   commit 67c0460b89cc1b0644a1a59af78284dfd8d720af
>   Author: Alon Bar-Lev <alon.barlev at gmail.com>
>   Date:   Tue Jul 26 15:17:06 2022 +0300
>
>       Handle SMIME_crlf_copy return code
>
>       Currently the SMIME_crlf_copy result is ignored in all usages. It
> does
>       return failure when memory allocation fails.
>
>       This patch handles the SMIME_crlf_copy return code in all
> occurrences.
>
>       Signed-off-by: Alon Bar-Lev <alon.barlev at gmail.com>
>
>       Reviewed-by: Tomas Mraz <tomas at openssl.org>
>       Reviewed-by: Paul Dale <pauli at openssl.org>
>       Reviewed-by: Hugo Landau <hlandau at openssl.org>
>       (Merged from https://github.com/openssl/openssl/pull/18876)
>   ```
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1994165/+subscriptions
>
>

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1994165

Title:
  CMS_final: do not ignore CMS_dataFinal result

Status in openssl package in Ubuntu:
  Fix Released
Status in openssl source package in Jammy:
  In Progress
Status in openssl source package in Kinetic:
  Won't Fix
Status in openssl source package in Lunar:
  Fix Released

Bug description:
  https://github.com/openssl/openssl/pull/18876

  The CMS_dataFinal result is important as signature may fail, however, it
  is ignored while returning success from CMS_final.

  Please add this fix to The openssl 3.0.2 "Jammy Jellyfish (supported)"

  Thanks

  Upstream commit:

  ```
  commit 67c0460b89cc1b0644a1a59af78284dfd8d720af
  Author: Alon Bar-Lev <alon.barlev at gmail.com>
  Date:   Tue Jul 26 15:17:06 2022 +0300

      Handle SMIME_crlf_copy return code

      Currently the SMIME_crlf_copy result is ignored in all usages. It does
      return failure when memory allocation fails.

      This patch handles the SMIME_crlf_copy return code in all occurrences.

      Signed-off-by: Alon Bar-Lev <alon.barlev at gmail.com>

      Reviewed-by: Tomas Mraz <tomas at openssl.org>
      Reviewed-by: Paul Dale <pauli at openssl.org>
      Reviewed-by: Hugo Landau <hlandau at openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/18876)
  ```

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1994165/+subscriptions