author | tonnerre <tonnerre> | 2008-06-03 21:39:40 +0000 |
---|---|---|
committer | tonnerre <tonnerre> | 2008-06-03 21:39:40 +0000 |
commit | 065f22d3edfa8da8ca0f992e3bfe900156a2225e (patch) | |
tree | e286554e1d7fee1841594600e754c1911fccf5e8 /security | |
parent | 681f11e072ef62ad79948fc43b9187ebf737dc94 (diff) | |
download | pkgsrc-065f22d3edfa8da8ca0f992e3bfe900156a2225e.tar.gz |
Fix two Denial of Service vulnerabilities in OpenSSL 0.9.8g:
- Fix flaw if 'Server Key exchange message' is omitted from a TLS handshake
which could lead to a silent crash.
- Fix double free in TLS server name extensions which could lead to a remote
crash.
Patches from upstream.
Diffstat (limited to 'security')
-rw-r--r-- | security/openssl/Makefile | 3 | ||||
-rw-r--r-- | security/openssl/distinfo | 4 | ||||
-rw-r--r-- | security/openssl/patches/patch-ab | 18 | ||||
-rw-r--r-- | security/openssl/patches/patch-ah | 12 |
4 files changed, 35 insertions, 2 deletions
diff --git a/security/openssl/Makefile b/security/openssl/Makefile
index 22c7d8a4353..55b2f482e8f 100644
--- a/security/openssl/Makefile
+++ b/security/openssl/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.131 2008/01/17 06:42:47 tnn Exp $
+# $NetBSD: Makefile,v 1.132 2008/06/03 21:39:40 tonnerre Exp $
 OPENSSL_SNAPSHOT?= # empty
 OPENSSL_STABLE?= # empty
 OPENSSL_VERS?= 0.9.8g
+PKGREVISION= 1
 .if empty(OPENSSL_SNAPSHOT)
 DISTNAME= openssl-${OPENSSL_VERS}
diff --git a/security/openssl/distinfo b/security/openssl/distinfo
index 28980f846c2..dc26e264926 100644
--- a/security/openssl/distinfo
+++ b/security/openssl/distinfo
@@ -1,13 +1,15 @@
-$NetBSD: distinfo,v 1.59 2008/05/08 14:04:25 tonnerre Exp $
+$NetBSD: distinfo,v 1.60 2008/06/03 21:39:40 tonnerre Exp $
 SHA1 (openssl-0.9.8g.tar.gz) = 4e9c5ced466715d18fd924de79bde5c15da80fa1
 RMD160 (openssl-0.9.8g.tar.gz) = f080a32da9becdc8b98c38744d62c6fd8664f603
 Size (openssl-0.9.8g.tar.gz) = 3354792 bytes
 SHA1 (patch-aa) = b28ec662bf0586e31d59cab45e3a28b91b10dac1
+SHA1 (patch-ab) = b09beb8db8046293cd63d3f37e0c1ae5001eb5a1
 SHA1 (patch-ac) = 56a5dc87e6d5decc3407906bb584cf00fd52ec15
 SHA1 (patch-ad) = bb86ac463fc4ab8b485df5f1a4fb9c13c1fc41c3
 SHA1 (patch-ae) = 7a58f1765a3761321dcc8dafc5fe2e33207be480
 SHA1 (patch-af) = 3c1a88329b1a1c54bdd4624ceaf723af3749ec32
 SHA1 (patch-ag) = 5f12c72b85e4b6c6a79dfcf87055e9e029fbd8c8
+SHA1 (patch-ah) = c961d75984a7a94c0584df8e8aa24e1f61158787
 SHA1 (patch-ak) = 049250b9bd42e6f155145703135dab39a7ec17e0
 SHA1 (patch-al) = 076a606352bdeaeea1cc64f16be2ac1325882302
diff --git a/security/openssl/patches/patch-ab b/security/openssl/patches/patch-ab
new file mode 100644
index 00000000000..7b185c9624b
--- /dev/null
+++ b/security/openssl/patches/patch-ab
@@ -0,0 +1,18 @@
+$NetBSD: patch-ab,v 1.12 2008/06/03 21:39:40 tonnerre Exp $
+
+--- ssl/s3_clnt.c.orig 2007-08-31 02:28:51.000000000 +0200
++++ ssl/s3_clnt.c
+@@ -1967,6 +1967,13 @@ int ssl3_send_client_key_exchange(SSL *s
+ {
+ DH *dh_srvr,*dh_clnt;
+
++ if (s->session->sess_cert == NULL)
++ {
++ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
++ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
++ goto err;
++ }
++
+ if (s->session->sess_cert->peer_dh_tmp != NULL)
+ dh_srvr=s->session->sess_cert->peer_dh_tmp;
+ else
diff --git a/security/openssl/patches/patch-ah b/security/openssl/patches/patch-ah
new file mode 100644
index 00000000000..69f2080d789
--- /dev/null
+++ b/security/openssl/patches/patch-ah
@@ -0,0 +1,12 @@
+$NetBSD: patch-ah,v 1.8 2008/06/03 21:39:40 tonnerre Exp $
+
+--- ssl/t1_lib.c.orig 2007-10-19 09:44:10.000000000 +0200
++++ ssl/t1_lib.c
+@@ -324,6 +324,7 @@ int ssl_parse_clienthello_tlsext(SSL *s,
+ s->session->tlsext_hostname[len]='\0';
+ if (strlen(s->session->tlsext_hostname) != len) {
+ OPENSSL_free(s->session->tlsext_hostname);
++ s->session->tlsext_hostname = NULL;
+ *al = TLS1_AD_UNRECOGNIZED_NAME;
+ return 0;
+ }
|
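Review bot: The new `s->session->sess_cert == NULL` guard in patch-ab sits inside the block that declares `DH *dh_srvr,*dh_clnt;`, so only that key-exchange branch of ssl3_send_client_key_exchange is protected. The function starts and ends outside the hunk, so it should be confirmed against the full source whether any other branch dereferences `s->session->sess_cert` on a handshake where it was never set; if so, it needs the same check. The guard also carries no comment saying when the pointer can be NULL; going by the commit description, something like `/* sess_cert is unset if the server omitted its Server Key Exchange message */` above the `if` would record the reason, once verified against upstream.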
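Review bot: The added `s->session->tlsext_hostname = NULL;` in patch-ah has no comment, and the reason it matters is not visible in the hunk. The commit description calls this a double free, so presumably the session teardown frees `tlsext_hostname` a second time after this early `return 0`. I would put `/* clear the pointer: the session is freed later and would free this again */` above the assignment. ssl_parse_clienthello_tlsext continues outside the hunk, so its other error paths that free a session field and return should be checked for the same free-without-clear pattern.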