- changed status to resolved
[tnozaki-openssl] CVE-2022-2068 The c_rehash script does not properly sanitise shell metacharacters to prevent command injection (not discovered CVE-2022-1292)
Issue #289
resolved
Comments (1)
-
reporter - Log in to comment
BUGFIX: Issue
#289- CVE-2022-2068 The c_rehash script does not properly sanitise shell metacharacters to prevent command injection (not discovered CVE-2022-1292)patch obtained from(modified by me): https://github.com/openssl/openssl/commit/9639817dac8bbbaa64d09efad7464ccc405527c7
original commit message:
Fix file operations in c_rehash. CVE-2022-2068
Reviewed-by: Matt Caswell matt@openssl.org Reviewed-by: Richard Levitte levitte@openssl.org
→ <<cset 6ba7ef72a6c4>>