Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-142313

openssl: build error because of missing #include

Linking RHIVOS CVEs to...Migration: Automation ...Sync from "Extern...XMLWordPrintable

    • Icon: Story Story
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • None
    • openssl
    • Low
    • rhel-security-crypto-diamonds
    • 0
    • None
    • None
    • None
    • None
    • None

      When integrating openssl/ rhel-8.8.0 and rhel-8-main as a submodule in edk2 I run into a build error:
      https://gitlab.com/redhat/rhel/src/edk2/-/merge_requests/131
      The problem is that commit "Backport implicit rejection mechanism for RSA PKCS#1 v1.5 to RHEL-8 series"
      introduced a bug into the code that makes it unbuildable in our environment.

      The following patch iin our .spec file fixes it in my case, but isn't a sustainable solution:
      +# Fix missing include for CVE-2022-4304 implicit rejection patch (RHEL-115901)
      +# Bug introduced in openssl by
      +# commit 05a955aff129 ("Backport implicit rejection mechanism for RSA PKCS#1 v1.5 to RHEL-8 series")
      +sed -i '/#include <openssl\/x509.h>/a #include <openssl/rsa.h>' CryptoPkg/Library/OpensslLib/openssl/crypto/pkcs7/pk7_doit.c

              dbelyavs@redhat.com Dmitry Belyavskiy
              jmaloy Jon Maloy
              Dmitry Belyavskiy Dmitry Belyavskiy
              Georgios Stavros Pantelakis Georgios Stavros Pantelakis
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: