diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2015-09-17 11:45:13 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2015-09-17 11:45:13 +0000 |
| commit | f239b88c199f4dde531df4d987c269f41d16ac9a (patch) | |
| tree | 6564bfcca55d053d6a5033e76e4466413e5501dc | |
| parent | 38f99bbb5423bbd53311287136f971848c5f831d (diff) | |
| download | aports-f239b88c199f4dde531df4d987c269f41d16ac9a.tar.bz2 aports-f239b88c199f4dde531df4d987c269f41d16ac9a.tar.xz | |
main/gnutls: security fix (CVE-2015-6251)
fixes #4570
| -rw-r--r-- | main/gnutls/APKBUILD | 12 | ||||
| -rw-r--r-- | main/gnutls/CVE-2015-6251.patch | 24 |
2 files changed, 32 insertions, 4 deletions
diff --git a/main/gnutls/APKBUILD b/main/gnutls/APKBUILD index 2618b61c9b..d239ed939b 100644 --- a/main/gnutls/APKBUILD +++ b/main/gnutls/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=gnutls pkgver=3.2.15 -pkgrel=0 +pkgrel=1 pkgdesc="A TLS protocol implementation" url="http://www.gnutls.org/" arch="all" @@ -24,6 +24,7 @@ esac source="ftp://ftp.gnutls.org/gcrypt/gnutls/v${_ver}/$pkgname-$pkgver.tar.xz libgmp.patch + CVE-2015-6251.patch " _builddir="$srcdir/$pkgname-$_sver" @@ -74,8 +75,11 @@ xx() { } md5sums="ec3b06f80e312137386c5d322183ca5a gnutls-3.2.15.tar.xz -3ce8fb390345afbd490cd9ac487dabbd libgmp.patch" +3ce8fb390345afbd490cd9ac487dabbd libgmp.patch +f094657bbc13eb61fb9c55eeb8339bdd CVE-2015-6251.patch" sha256sums="30bdc7b34b220258f714602cdf0afa1abf0883bf926f35f400c88b1c72ca77b9 gnutls-3.2.15.tar.xz -39b49c5166819cd4c57ec7d1b42e0470c5d1bde3bebb4b9fbb465d1ef2eb7d2d libgmp.patch" +39b49c5166819cd4c57ec7d1b42e0470c5d1bde3bebb4b9fbb465d1ef2eb7d2d libgmp.patch +4d26685ec787659871f1ae05746dfafb3a71dd7f0ed09e2a6c9bb88f06f95432 CVE-2015-6251.patch" sha512sums="efb912e2ebeb43a724f76fdb1b4afeb95706ca791f5b6d3cc1d88257504f591a000e7f69e8b01e0cae2f24960c2fe41a3829409ddef1c25987fb986c3af264a9 gnutls-3.2.15.tar.xz -1c02594d6bf288561ffd1f0828089a8eaa5129eac1fb2631340370ea94099762bcb883aec188bb31bffe22c0ddeee7abad5e3926b1f64dc22c916760ead16a74 libgmp.patch" +1c02594d6bf288561ffd1f0828089a8eaa5129eac1fb2631340370ea94099762bcb883aec188bb31bffe22c0ddeee7abad5e3926b1f64dc22c916760ead16a74 libgmp.patch +3dd99da3876406bb347144a89fa91f11467097dff7945180fb1b51dce811c5920f23673da8e7f035fdd5b2fd58ebe786cc4e8c261b9a1d5e886ec1d1d58b252d CVE-2015-6251.patch" diff --git a/main/gnutls/CVE-2015-6251.patch b/main/gnutls/CVE-2015-6251.patch new file mode 100644 index 0000000000..477402cc30 --- /dev/null +++ b/main/gnutls/CVE-2015-6251.patch @@ -0,0 +1,24 @@ +From 272854367efc130fbd4f1a51840d80c630214e12 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos <nmav@gnutls.org> +Date: Mon, 20 Jul 2015 21:49:28 +0200 +Subject: [PATCH] Reset the output value on error in _gnutls_x509_dn_to_string() + +--- + lib/x509/common.c | 1 + + 1 file changed, 1 insertion(+), 0 deletions(-) + +diff --git a/lib/x509/common.c b/lib/x509/common.c +index 94b6bbc..9a4b96f 100644 +--- a/lib/x509/common.c ++++ b/lib/x509/common.c +@@ -469,6 +469,7 @@ _gnutls_x509_dn_to_string(const char *oid, void *value, + if (ret < 0) { + gnutls_assert(); + gnutls_free(str->data); ++ str->data = NULL; + return ret; + } + str->size = size; +-- +libgit2 0.22.2 + |