diff options
| author | snj <snj@pkgsrc.org> | 2017-05-16 21:55:50 +0000 |
|---|---|---|
| committer | snj <snj@pkgsrc.org> | 2017-05-16 21:55:50 +0000 |
| commit | 25fac0f4fabaed22481c49b3eb360a0ac9ea01d7 (patch) | |
| tree | 0fab71c1003709037cac6a1307be9064af8d9732 | |
| parent | 58bf1e021567c1b4f03fc9596df4dba699f1668d (diff) | |
| download | pkgsrc-25fac0f4fabaed22481c49b3eb360a0ac9ea01d7.tar.gz | |
Fix CVE-2016-6129. Bump PKGREVISION to 3.
| -rw-r--r-- | security/libtomcrypt/Makefile | 4 | ||||
| -rw-r--r-- | security/libtomcrypt/distinfo | 3 | ||||
| -rw-r--r-- | security/libtomcrypt/patches/patch-src_pk_rsa_rsa__verify__hash.c | 33 |
3 files changed, 37 insertions, 3 deletions
diff --git a/security/libtomcrypt/Makefile b/security/libtomcrypt/Makefile index 1cfce9c80d0..b84b220911a 100644 --- a/security/libtomcrypt/Makefile +++ b/security/libtomcrypt/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.6 2014/12/16 02:58:20 mef Exp $ +# $NetBSD: Makefile,v 1.7 2017/05/16 21:55:50 snj Exp $ DISTNAME= crypt-1.17 PKGNAME= libtom${DISTNAME} -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= security MASTER_SITES= http://libtom.org/files/ EXTRACT_SUFX= .tar.bz2 diff --git a/security/libtomcrypt/distinfo b/security/libtomcrypt/distinfo index b85321cd89d..dd8641617d5 100644 --- a/security/libtomcrypt/distinfo +++ b/security/libtomcrypt/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.5 2015/11/04 01:17:50 agc Exp $ +$NetBSD: distinfo,v 1.6 2017/05/16 21:55:50 snj Exp $ SHA1 (crypt-1.17.tar.bz2) = 9c746822c84e4276e432b64964f94d1d5ddd13ad RMD160 (crypt-1.17.tar.bz2) = 742d72d82fea2e6a9865d8c682c10cbaba69ea2f @@ -8,3 +8,4 @@ SHA1 (patch-aa) = a2385cf0543a19b1555d4370a10c012c5141b48a SHA1 (patch-ab) = c0eb1522dd02c2811deebfa353433e81e71a8928 SHA1 (patch-ac) = 871a713512b20199b502876d2523e8bf619c5e85 SHA1 (patch-src_headers_tomcrypt__macros.h) = 4aa1e0773a11c32fca83e7de82e12d44fdbb8202 +SHA1 (patch-src_pk_rsa_rsa__verify__hash.c) = 0bc2467fa3fc0a372baafbfea4c7b328422f8adb diff --git a/security/libtomcrypt/patches/patch-src_pk_rsa_rsa__verify__hash.c b/security/libtomcrypt/patches/patch-src_pk_rsa_rsa__verify__hash.c new file mode 100644 index 00000000000..6a74b930236 --- /dev/null +++ b/security/libtomcrypt/patches/patch-src_pk_rsa_rsa__verify__hash.c @@ -0,0 +1,33 @@ +$NetBSD: patch-src_pk_rsa_rsa__verify__hash.c,v 1.1 2017/05/16 21:55:50 snj Exp $ + +Fix for CVE-2016-6129. + +Source: https://github.com/libtom/libtomcrypt/commit/5eb9743410ce4657e9d54fef26a2ee31a1b5dd09 + +--- src/pk/rsa/rsa_verify_hash.c.orig 2007-05-12 07:46:25.000000000 -0700 ++++ src/pk/rsa/rsa_verify_hash.c 2017-05-16 13:42:46.762259864 -0700 +@@ -96,7 +96,7 @@ int rsa_verify_hash_ex(const unsigned ch + } else { + /* LTC_PKCS #1 v1.5 decode it */ + unsigned char *out; +- unsigned long outlen, loid[16]; ++ unsigned long outlen, loid[16], reallen; + int decoded; + ltc_asn1_list digestinfo[2], siginfo[2]; + +@@ -138,8 +138,14 @@ int rsa_verify_hash_ex(const unsigned ch + goto bail_2; + } + ++ if ((err = der_length_sequence(siginfo, 2, &reallen)) != CRYPT_OK) { ++ XFREE(out); ++ goto bail_2; ++ } ++ + /* test OID */ +- if ((digestinfo[0].size == hash_descriptor[hash_idx].OIDlen) && ++ if ((reallen == outlen) && ++ (digestinfo[0].size == hash_descriptor[hash_idx].OIDlen) && + (XMEMCMP(digestinfo[0].data, hash_descriptor[hash_idx].OID, sizeof(unsigned long) * hash_descriptor[hash_idx].OIDlen) == 0) && + (siginfo[1].size == hashlen) && + (XMEMCMP(siginfo[1].data, hash, hashlen) == 0)) { |