aboutsummaryrefslogtreecommitdiffstats
path: root/main/libtasn1
diff options
context:
space:
mode:
authorLeo <thinkabit.ukim@gmail.com>2019-07-23 17:50:39 -0300
committerNatanael Copa <ncopa@alpinelinux.org>2019-07-24 10:07:51 +0200
commitb2bb01e5559952d7c2535629e34c5a46a8c2b4ff (patch)
treeeaa1600b667fcc8f621b5b47b41b1df9aa7ae944 /main/libtasn1
parent2cf2c99417fc593d654d8a0cab2c69f5618d747b (diff)
downloadaports-b2bb01e5559952d7c2535629e34c5a46a8c2b4ff.tar.bz2
aports-b2bb01e5559952d7c2535629e34c5a46a8c2b4ff.tar.xz
main/libtasn1: security upgrade to 4.14
- CVE-2018-1000654 Fixes #10519
Diffstat (limited to 'main/libtasn1')
-rw-r--r--main/libtasn1/APKBUILD15
-rw-r--r--main/libtasn1/CVE-2017-10790.patch55
2 files changed, 8 insertions, 62 deletions
diff --git a/main/libtasn1/APKBUILD b/main/libtasn1/APKBUILD
index 7ce580d08f..315cd9f69f 100644
--- a/main/libtasn1/APKBUILD
+++ b/main/libtasn1/APKBUILD
@@ -1,23 +1,24 @@
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libtasn1
-pkgver=4.13
+pkgver=4.14
pkgrel=0
pkgdesc="The ASN.1 library used in GNUTLS"
url="https://www.gnu.org/software/gnutls/"
arch="all"
license="GPL-3.0 LGPL"
makedepends="texinfo"
+checkdepends="diffutils"
subpackages="$pkgname-dev $pkgname-doc"
-source="ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.gz
- "
-builddir="$srcdir/$pkgname-$pkgver"
+source="http://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.gz"
# secfixes:
+# 4.14-r0:
+# - CVE-2018-1000654
# 4.13-r0:
-# - CVE-2018-6003
+# - CVE-2018-6003
# 4.12-r1:
-# - CVE-2017-10790
+# - CVE-2017-10790
build() {
cd "$builddir"
@@ -40,4 +41,4 @@ package() {
cd "$builddir"
make DESTDIR="$pkgdir" install
}
-sha512sums="bf5b60a296795e0a8a4a658c0106492393aa7ce698e785256b3427c17215c2a5b6178a61a2043c93ea4334f754eabece20221ac8fef0fd5644086a3891d98a9f libtasn1-4.13.tar.gz"
+sha512sums="efdcf3729e9e057cafbfdc9929f08531de03cf3b64e7db62cb53c26bf34c8db4d73786fd853620ab1a10dbafe55e119ad17bfeb40e191071945c7b4db9c9e223 libtasn1-4.14.tar.gz"
diff --git a/main/libtasn1/CVE-2017-10790.patch b/main/libtasn1/CVE-2017-10790.patch
deleted file mode 100644
index eb752c20a9..0000000000
--- a/main/libtasn1/CVE-2017-10790.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From d8d805e1f2e6799bb2dff4871a8598dc83088a39 Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Thu, 22 Jun 2017 16:31:37 +0200
-Subject: [PATCH] _asn1_check_identifier: safer access to values read
-
-Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
----
- lib/parser_aux.c | 17 ++++++++++++-----
- 1 file changed, 12 insertions(+), 5 deletions(-)
-
-diff --git a/lib/parser_aux.c b/lib/parser_aux.c
-index 976ab38..786ea64 100644
---- a/lib/parser_aux.c
-+++ b/lib/parser_aux.c
-@@ -955,7 +955,7 @@ _asn1_check_identifier (asn1_node node)
- if (p2 == NULL)
- {
- if (p->value)
-- _asn1_strcpy (_asn1_identifierMissing, p->value);
-+ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p->value);
- else
- _asn1_strcpy (_asn1_identifierMissing, "(null)");
- return ASN1_IDENTIFIER_NOT_FOUND;
-@@ -968,9 +968,15 @@ _asn1_check_identifier (asn1_node node)
- if (p2 && (type_field (p2->type) == ASN1_ETYPE_DEFAULT))
- {
- _asn1_str_cpy (name2, sizeof (name2), node->name);
-- _asn1_str_cat (name2, sizeof (name2), ".");
-- _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
-- _asn1_strcpy (_asn1_identifierMissing, p2->value);
-+ if (p2->value)
-+ {
-+ _asn1_str_cat (name2, sizeof (name2), ".");
-+ _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
-+ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value);
-+ }
-+ else
-+ _asn1_strcpy (_asn1_identifierMissing, "(null)");
-+
- p2 = asn1_find_node (node, name2);
- if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) ||
- !(p2->type & CONST_ASSIGN))
-@@ -990,7 +996,8 @@ _asn1_check_identifier (asn1_node node)
- _asn1_str_cpy (name2, sizeof (name2), node->name);
- _asn1_str_cat (name2, sizeof (name2), ".");
- _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
-- _asn1_strcpy (_asn1_identifierMissing, p2->value);
-+ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value);
-+
- p2 = asn1_find_node (node, name2);
- if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID)
- || !(p2->type & CONST_ASSIGN))
---
-1.9.1
-
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-29 05:34:27 +0000