pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2007Q3]: pkgsrc/security/openssl Pullup ticket 2209 - requeste...
details: https://anonhg.NetBSD.org/pkgsrc/rev/e5e82f6c9afa
branches: pkgsrc-2007Q3
changeset: 534011:e5e82f6c9afa
user: ghen <ghen%pkgsrc.org@localhost>
date: Mon Oct 22 08:47:22 2007 +0000
description:
Pullup ticket 2209 - requested by adrianp
security fix for openssl
- pkgsrc/security/openssl/Makefile 1.128
- pkgsrc/security/openssl/distinfo 1.56
- pkgsrc/security/openssl/patches/patch-ao 1.2
Module Name: pkgsrc
Committed By: adrianp
Date: Sun Oct 21 17:52:53 UTC 2007
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
pkgsrc/security/openssl/patches: patch-ao
Log Message:
Full and proper fix for CVE-2007-5135
PKGREVISION++
diffstat:
security/openssl/Makefile | 4 +-
security/openssl/distinfo | 4 +-
security/openssl/patches/patch-ao | 54 +++++++++++++++++++++++++++++++-------
3 files changed, 48 insertions(+), 14 deletions(-)
diffs (99 lines):
diff -r 9701e756a9c5 -r e5e82f6c9afa security/openssl/Makefile
--- a/security/openssl/Makefile Sun Oct 14 10:53:07 2007 +0000
+++ b/security/openssl/Makefile Mon Oct 22 08:47:22 2007 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.127 2007/08/04 14:29:43 tnn Exp $
+# $NetBSD: Makefile,v 1.127.2.1 2007/10/22 08:47:22 ghen Exp $
OPENSSL_SNAPSHOT?= # empty
OPENSSL_STABLE?= # empty
@@ -24,7 +24,7 @@
. endif
.endif
-PKGREVISION= 4
+PKGREVISION= 5
SVR4_PKGNAME= ossl
CATEGORIES= security
MAINTAINER= pkgsrc-users%NetBSD.org@localhost
diff -r 9701e756a9c5 -r e5e82f6c9afa security/openssl/distinfo
--- a/security/openssl/distinfo Sun Oct 14 10:53:07 2007 +0000
+++ b/security/openssl/distinfo Mon Oct 22 08:47:22 2007 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.55 2007/08/04 14:29:43 tnn Exp $
+$NetBSD: distinfo,v 1.55.2.1 2007/10/22 08:47:23 ghen Exp $
SHA1 (openssl-0.9.7i.tar.gz) = 4c23925744d43272fa19615454da44e01465eb06
RMD160 (openssl-0.9.7i.tar.gz) = 0dce52c5793a0c37f17b620f7d26bbf9e4fcf755
@@ -14,7 +14,7 @@
SHA1 (patch-al) = 64fd0be6adf30821b4c4bba3c9088c6dcbff3ba7
SHA1 (patch-am) = 209aad896f976e5acc9bf66f5e3fdf6193d2ff3d
SHA1 (patch-an) = c38cf54341ae5b770f984859c1a3bf6df41e0532
-SHA1 (patch-ao) = 834860d35eaa1211db664346a362822114bd16ef
+SHA1 (patch-ao) = 625c6379b38769b639bc7f87ccb0d23c651bf5eb
SHA1 (patch-ap) = 9473b8e69b71864baab3d38ee3de90e7027b1b0b
SHA1 (patch-aq) = 68704a8048f7eea3744ae5e04dda09c676762923
SHA1 (patch-ar) = 575be597244eb04576651d7b0276604d51fa7464
diff -r 9701e756a9c5 -r e5e82f6c9afa security/openssl/patches/patch-ao
--- a/security/openssl/patches/patch-ao Sun Oct 14 10:53:07 2007 +0000
+++ b/security/openssl/patches/patch-ao Mon Oct 22 08:47:22 2007 +0000
@@ -1,15 +1,49 @@
-$NetBSD: patch-ao,v 1.1 2006/09/30 04:20:24 taca Exp $
+$NetBSD: patch-ao,v 1.1.10.1 2007/10/22 08:47:23 ghen Exp $
-# http://secunia.com/advisories/22130/
+# CVE-2007-5135
---- ssl/ssl_lib.c.orig 2005-06-11 05:00:39.000000000 +0900
+--- ssl/ssl_lib.c.orig 2005-06-10 21:00:39.000000000 +0100
+++ ssl/ssl_lib.c
-@@ -1187,7 +1187,7 @@ char *SSL_get_shared_ciphers(const SSL *
+@@ -1169,7 +1169,6 @@ int SSL_set_cipher_list(SSL *s,const cha
+ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
+ {
+ char *p;
+- const char *cp;
+ STACK_OF(SSL_CIPHER) *sk;
+ SSL_CIPHER *c;
+ int i;
+@@ -1182,20 +1181,21 @@ char *SSL_get_shared_ciphers(const SSL *
+ sk=s->session->ciphers;
+ for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
+ {
+- /* Decrement for either the ':' or a '\0' */
+- len--;
++ int n;
++
c=sk_SSL_CIPHER_value(sk,i);
- for (cp=c->name; *cp; )
- {
+- for (cp=c->name; *cp; )
+- {
- if (len-- == 0)
-+ if (len-- <= 0)
- {
- *p='\0';
- return(buf);
+- {
+- *p='\0';
+- return(buf);
+- }
+- else
+- *(p++)= *(cp++);
+- }
+- *(p++)=':';
++ n=strlen(c->name);
++ if (n+1 > len)
++ {
++ if (p != buf)
++ --p;
++ *p='\0';
++ return buf;
++ }
++ strcpy(p,c->name);
++ p+=n;
++ *(p++)=':';
++ len-=n+1;
+ }
+ p[-1]='\0';
+ return(buf);
Home |
Main Index |
Thread Index |
Old Index