Hello All,
I am not sure that the patches below correct any potential
security issue, but use of values returned from calloc()/malloc()
and alloca() without checking for NULL may result in undesirable
behavior in OpenSSL 1.0.1c. The patches below result in a
clean './config' and 'make' under
From file `Configure`, around line 720:
my %disabled = ( # what = comment [or special keyword
experimental]
ec_nistp_64_gcc_128 = default,
gmp= default,
jpake = experimental,
md2= default,
I know this is my error, but the following is undesirable behavior:
$ ./config fips shared -no-sslv2 -no-sslv3 -no-comp -no-hw -no-engines
--openssldir=/usr/local/ssl/$ANDROID_API
--with-fipsdir=/usr/local/ssl/$ANDROID_API
--with-fipslibdir=/usr/local/ssl/$ANDROID_API/lib/
Operating system: