pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/openssl Fix two Denial of Service vulnerabili...
details: https://anonhg.NetBSD.org/pkgsrc/rev/2915f67ea841
branches: trunk
changeset: 543099:2915f67ea841
user: tonnerre <tonnerre%pkgsrc.org@localhost>
date: Tue Jun 03 21:39:40 2008 +0000
description:
Fix two Denial of Service vulnerabilities in OpenSSL 0.9.8g:
- Fix flaw if 'Server Key exchange message' is omitted from a TLS handshake
which could lead to a silent crash.
- Fix double free in TLS server name extensions which could lead to a remote
crash.
Patches from upstream.
diffstat:
security/openssl/Makefile | 3 ++-
security/openssl/distinfo | 4 +++-
security/openssl/patches/patch-ab | 18 ++++++++++++++++++
security/openssl/patches/patch-ah | 12 ++++++++++++
4 files changed, 35 insertions(+), 2 deletions(-)
diffs (72 lines):
diff -r a5508b5af999 -r 2915f67ea841 security/openssl/Makefile
--- a/security/openssl/Makefile Tue Jun 03 20:31:10 2008 +0000
+++ b/security/openssl/Makefile Tue Jun 03 21:39:40 2008 +0000
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.131 2008/01/17 06:42:47 tnn Exp $
+# $NetBSD: Makefile,v 1.132 2008/06/03 21:39:40 tonnerre Exp $
OPENSSL_SNAPSHOT?= # empty
OPENSSL_STABLE?= # empty
OPENSSL_VERS?= 0.9.8g
+PKGREVISION= 1
.if empty(OPENSSL_SNAPSHOT)
DISTNAME= openssl-${OPENSSL_VERS}
diff -r a5508b5af999 -r 2915f67ea841 security/openssl/distinfo
--- a/security/openssl/distinfo Tue Jun 03 20:31:10 2008 +0000
+++ b/security/openssl/distinfo Tue Jun 03 21:39:40 2008 +0000
@@ -1,13 +1,15 @@
-$NetBSD: distinfo,v 1.59 2008/05/08 14:04:25 tonnerre Exp $
+$NetBSD: distinfo,v 1.60 2008/06/03 21:39:40 tonnerre Exp $
SHA1 (openssl-0.9.8g.tar.gz) = 4e9c5ced466715d18fd924de79bde5c15da80fa1
RMD160 (openssl-0.9.8g.tar.gz) = f080a32da9becdc8b98c38744d62c6fd8664f603
Size (openssl-0.9.8g.tar.gz) = 3354792 bytes
SHA1 (patch-aa) = b28ec662bf0586e31d59cab45e3a28b91b10dac1
+SHA1 (patch-ab) = b09beb8db8046293cd63d3f37e0c1ae5001eb5a1
SHA1 (patch-ac) = 56a5dc87e6d5decc3407906bb584cf00fd52ec15
SHA1 (patch-ad) = bb86ac463fc4ab8b485df5f1a4fb9c13c1fc41c3
SHA1 (patch-ae) = 7a58f1765a3761321dcc8dafc5fe2e33207be480
SHA1 (patch-af) = 3c1a88329b1a1c54bdd4624ceaf723af3749ec32
SHA1 (patch-ag) = 5f12c72b85e4b6c6a79dfcf87055e9e029fbd8c8
+SHA1 (patch-ah) = c961d75984a7a94c0584df8e8aa24e1f61158787
SHA1 (patch-ak) = 049250b9bd42e6f155145703135dab39a7ec17e0
SHA1 (patch-al) = 076a606352bdeaeea1cc64f16be2ac1325882302
diff -r a5508b5af999 -r 2915f67ea841 security/openssl/patches/patch-ab
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssl/patches/patch-ab Tue Jun 03 21:39:40 2008 +0000
@@ -0,0 +1,18 @@
+$NetBSD: patch-ab,v 1.12 2008/06/03 21:39:40 tonnerre Exp $
+
+--- ssl/s3_clnt.c.orig 2007-08-31 02:28:51.000000000 +0200
++++ ssl/s3_clnt.c
+@@ -1967,6 +1967,13 @@ int ssl3_send_client_key_exchange(SSL *s
+ {
+ DH *dh_srvr,*dh_clnt;
+
++ if (s->session->sess_cert == NULL)
++ {
++ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
++ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
++ goto err;
++ }
++
+ if (s->session->sess_cert->peer_dh_tmp != NULL)
+ dh_srvr=s->session->sess_cert->peer_dh_tmp;
+ else
diff -r a5508b5af999 -r 2915f67ea841 security/openssl/patches/patch-ah
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssl/patches/patch-ah Tue Jun 03 21:39:40 2008 +0000
@@ -0,0 +1,12 @@
+$NetBSD: patch-ah,v 1.8 2008/06/03 21:39:40 tonnerre Exp $
+
+--- ssl/t1_lib.c.orig 2007-10-19 09:44:10.000000000 +0200
++++ ssl/t1_lib.c
+@@ -324,6 +324,7 @@ int ssl_parse_clienthello_tlsext(SSL *s,
+ s->session->tlsext_hostname[len]='\0';
+ if (strlen(s->session->tlsext_hostname) != len) {
+ OPENSSL_free(s->session->tlsext_hostname);
++ s->session->tlsext_hostname = NULL;
+ *al = TLS1_AD_UNRECOGNIZED_NAME;
+ return 0;
+ }
Home |
Main Index |
Thread Index |
Old Index