diff options
| author | Francesco Colista <fcolista@alpinelinux.org> | 2017-08-03 13:20:42 +0000 |
|---|---|---|
| committer | Francesco Colista <fcolista@alpinelinux.org> | 2017-08-03 14:21:57 +0000 |
| commit | 93563ed09173ae827935d0756c22d35c2895e10b (patch) | |
| tree | 322c1a785d63c57048d5e459b31afb5b553da202 /main/libtasn1 | |
| parent | 7038377cb749e5b94cf8c0d439b8bd580b4a6c6d (diff) | |
| download | aports-93563ed09173ae827935d0756c22d35c2895e10b.tar.bz2 aports-93563ed09173ae827935d0756c22d35c2895e10b.tar.xz | |
main/libtasn1: fix CVE-2017-10790. Fixes #7601
Diffstat (limited to 'main/libtasn1')
| -rw-r--r-- | main/libtasn1/APKBUILD | 14 | ||||
| -rw-r--r-- | main/libtasn1/CVE-2017-10790.patch | 55 |
2 files changed, 63 insertions, 6 deletions
diff --git a/main/libtasn1/APKBUILD b/main/libtasn1/APKBUILD index cbc7e5eafe..2284d1cac3 100644 --- a/main/libtasn1/APKBUILD +++ b/main/libtasn1/APKBUILD @@ -2,19 +2,21 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=libtasn1 pkgver=4.12 -pkgrel=0 +pkgrel=1 pkgdesc="The ASN.1 library used in GNUTLS" url="http://www.gnu.org/software/gnutls/" arch="all" license="GPL3 LGPL" makedepends="texinfo" subpackages="$pkgname-dev $pkgname-doc" -source="ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.gz" +source="ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.gz + CVE-2017-10790.patch + " builddir="$srcdir/$pkgname-$pkgver" # secfixes: -# 4.10-r1: -# - CVE-2017-6891 +# 4.12-r1: +# - CVE-2017-10790 build() { cd "$builddir" @@ -33,5 +35,5 @@ package() { cd "$builddir" make DESTDIR="$pkgdir" install || return 1 } - -sha512sums="6c551670949881193e39122f72948e4999ff1ba377f9ee5963d0a4ad1b84256e4fe42e9f6d6a2aa9f7d4ef7acc0e5174fb5cc3df5298524cdeda92f4b8c104f7 libtasn1-4.12.tar.gz" +sha512sums="6c551670949881193e39122f72948e4999ff1ba377f9ee5963d0a4ad1b84256e4fe42e9f6d6a2aa9f7d4ef7acc0e5174fb5cc3df5298524cdeda92f4b8c104f7 libtasn1-4.12.tar.gz +8e9dad0a1ee7cb7a8ed3d2a60c1c1bcb3e1ef689dbd2879992d4098f36edbae3bb962b9c87a0a9a77335e83abf10fd72bd78bde99989421c35f4434a9e1d08cc CVE-2017-10790.patch" diff --git a/main/libtasn1/CVE-2017-10790.patch b/main/libtasn1/CVE-2017-10790.patch new file mode 100644 index 0000000000..eb752c20a9 --- /dev/null +++ b/main/libtasn1/CVE-2017-10790.patch @@ -0,0 +1,55 @@ +From d8d805e1f2e6799bb2dff4871a8598dc83088a39 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos <nmav@redhat.com> +Date: Thu, 22 Jun 2017 16:31:37 +0200 +Subject: [PATCH] _asn1_check_identifier: safer access to values read + +Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> +--- + lib/parser_aux.c | 17 ++++++++++++----- + 1 file changed, 12 insertions(+), 5 deletions(-) + +diff --git a/lib/parser_aux.c b/lib/parser_aux.c +index 976ab38..786ea64 100644 +--- a/lib/parser_aux.c ++++ b/lib/parser_aux.c +@@ -955,7 +955,7 @@ _asn1_check_identifier (asn1_node node) + if (p2 == NULL) + { + if (p->value) +- _asn1_strcpy (_asn1_identifierMissing, p->value); ++ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p->value); + else + _asn1_strcpy (_asn1_identifierMissing, "(null)"); + return ASN1_IDENTIFIER_NOT_FOUND; +@@ -968,9 +968,15 @@ _asn1_check_identifier (asn1_node node) + if (p2 && (type_field (p2->type) == ASN1_ETYPE_DEFAULT)) + { + _asn1_str_cpy (name2, sizeof (name2), node->name); +- _asn1_str_cat (name2, sizeof (name2), "."); +- _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); +- _asn1_strcpy (_asn1_identifierMissing, p2->value); ++ if (p2->value) ++ { ++ _asn1_str_cat (name2, sizeof (name2), "."); ++ _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); ++ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value); ++ } ++ else ++ _asn1_strcpy (_asn1_identifierMissing, "(null)"); ++ + p2 = asn1_find_node (node, name2); + if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) || + !(p2->type & CONST_ASSIGN)) +@@ -990,7 +996,8 @@ _asn1_check_identifier (asn1_node node) + _asn1_str_cpy (name2, sizeof (name2), node->name); + _asn1_str_cat (name2, sizeof (name2), "."); + _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); +- _asn1_strcpy (_asn1_identifierMissing, p2->value); ++ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value); ++ + p2 = asn1_find_node (node, name2); + if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) + || !(p2->type & CONST_ASSIGN)) +-- +1.9.1 + |