untrusted comment: verify with openbsd-72-base.pub
RWQTKNnK3CZZ8OzQ9BoJTzOjj216wmgZUu/HZxiSdtBwmQv4Iz8AERM4xVfEqrF45CjKyAI7hwGJ5ISbZqZaNIKE7RHO5PP1cg4=
OpenBSD 7.2 errata 012, December 16, 2022:
Removing a domain can result in an out-of-bounds write in acme-client(8).
Apply by doing:
signify -Vep /etc/signify/openbsd-72-base.pub -x 012_acme.patch.sig \
-m - | (cd /usr/src && patch -p0)
And then rebuild and install acme-client
cd /usr/src/usr.sbin/acme-client
make obj
make
make install
Index: usr.sbin/acme-client/revokeproc.c
===================================================================
RCS file: /cvs/src/usr.sbin/acme-client/revokeproc.c,v
diff -u -p -r1.19 revokeproc.c
--- usr.sbin/acme-client/revokeproc.c 22 Nov 2021 08:26:08 -0000 1.19
+++ usr.sbin/acme-client/revokeproc.c 14 Dec 2022 17:26:46 -0000
@@ -239,6 +239,7 @@ revokeproc(int fd, const char *certfile,
goto out;
}
force = 2;
+ continue;
}
if (found[j]++) {
if (revocate) {
