diff options
author | drochner <drochner> | 2009-02-27 12:46:54 +0000 |
---|---|---|
committer | drochner <drochner> | 2009-02-27 12:46:54 +0000 |
commit | 837fabdb381654e6e71a584c3554bc5113f755dc (patch) | |
tree | 9b7244885cad49b55acdc7605261d35b985cf999 /security | |
parent | cb928eb40b0ce95424619b3b11610bf396fac8da (diff) | |
download | pkgsrc-837fabdb381654e6e71a584c3554bc5113f755dc.tar.gz |
add a patch from upstream to fix buffer oberflow in ARC2 code
(CVE-2009-0544), bump PKGREVISION
Diffstat (limited to 'security')
-rw-r--r-- | security/py-amkCrypto/Makefile | 4 | ||||
-rw-r--r-- | security/py-amkCrypto/distinfo | 3 | ||||
-rw-r--r-- | security/py-amkCrypto/patches/patch-aa | 25 |
3 files changed, 29 insertions, 3 deletions
diff --git a/security/py-amkCrypto/Makefile b/security/py-amkCrypto/Makefile index e57bea3815e..366bc98a6d5 100644 --- a/security/py-amkCrypto/Makefile +++ b/security/py-amkCrypto/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.22 2008/05/08 18:59:38 joerg Exp $ +# $NetBSD: Makefile,v 1.23 2009/02/27 12:46:54 drochner Exp $ # DISTNAME= pycrypto-2.0.1 PKGNAME= ${PYPKGPREFIX}-amkCrypto-2.0.1 -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= security python MASTER_SITES= http://www.amk.ca/files/python/crypto/ diff --git a/security/py-amkCrypto/distinfo b/security/py-amkCrypto/distinfo index 3eac16d907e..8a98899dcb0 100644 --- a/security/py-amkCrypto/distinfo +++ b/security/py-amkCrypto/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.5 2005/10/25 17:07:27 drochner Exp $ +$NetBSD: distinfo,v 1.6 2009/02/27 12:46:54 drochner Exp $ SHA1 (pycrypto-2.0.1.tar.gz) = c77cdefdfb06e4749690013a9a9e1600ab14e26f RMD160 (pycrypto-2.0.1.tar.gz) = 5ce938a24f77f414e42680c17ef9b6dc8de94a2e Size (pycrypto-2.0.1.tar.gz) = 154292 bytes +SHA1 (patch-aa) = 04a36213697fa02896ba721c9ab35464c60f01a6 diff --git a/security/py-amkCrypto/patches/patch-aa b/security/py-amkCrypto/patches/patch-aa new file mode 100644 index 00000000000..992d776bad2 --- /dev/null +++ b/security/py-amkCrypto/patches/patch-aa @@ -0,0 +1,25 @@ +$NetBSD: patch-aa,v 1.3 2009/02/27 12:46:54 drochner Exp $ + +--- src/ARC2.c.orig 2002-05-17 15:34:45.000000000 +0200 ++++ src/ARC2.c +@@ -11,6 +11,7 @@ + */ + + #include <string.h> ++#include "Python.h" + + #define MODULE_NAME ARC2 + #define BLOCK_SIZE 8 +@@ -146,6 +147,12 @@ block_init(block_state *self, U8 *key, i + We'll hardwire it to 1024. */ + #define bits 1024 + ++ if ((U32)keylength > sizeof(self->xkey)) { ++ PyErr_SetString(PyExc_ValueError, ++ "ARC2 key length must be less than 128 bytes"); ++ return; ++ } ++ + memcpy(self->xkey, key, keylength); + + /* Phase 1: Expand input key to 128 bytes */ |