projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3321993) | patch
c_rehash: Do not use shell to invoke openssl
authorTomas Mraz <tomas@openssl.org>
Tue, 26 Apr 2022 10:40:24 +0000 (12:40 +0200)
committerMatt Caswell <matt@openssl.org>
Tue, 3 May 2022 10:07:36 +0000 (11:07 +0100)
commit7c33270707b568c524a8ef125fe611a8872cb5e8
tree2e5196c0868cb41c3d8837efbdcc707e8625f856tree | snapshot
parent33219939c782cf363b30e9e899b9997fb1ced440commit | diff
c_rehash: Do not use shell to invoke openssl

Except on VMS where it is safe.

This fixes CVE-2022-1292.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
tools/c_rehash.in diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.