aboutsummaryrefslogtreecommitdiffstats
path: root/main
diff options
context:
space:
mode:
authorLeonardo Arena <rnalrd@alpinelinux.org>2014-03-04 07:45:03 +0000
committerLeonardo Arena <rnalrd@alpinelinux.org>2014-03-04 07:48:53 +0000
commitfb0f401f6ec462a3391c9962359c69a55f4d2bda (patch)
tree5c2bbcda9cc664ccf08dbea410f88bd8339fe73d /main
parent870d04b5a1a7a9fca5bb0db44e923d8cd71e0fe5 (diff)
downloadaports-fb0f401f6ec462a3391c9962359c69a55f4d2bda.tar.bz2
aports-fb0f401f6ec462a3391c9962359c69a55f4d2bda.tar.xz
main/freeradius: security fix (CVE-2014-2015). Fixes #2718
(cherry picked from commit a2173b1aaa97f86a247dadf46ce68614b071988f)
Diffstat (limited to 'main')
-rw-r--r--main/freeradius/APKBUILD10
-rw-r--r--main/freeradius/CVE-2014-2015.patch35
2 files changed, 42 insertions, 3 deletions
diff --git a/main/freeradius/APKBUILD b/main/freeradius/APKBUILD
index 0e3c3f4eba..e7c84f70e3 100644
--- a/main/freeradius/APKBUILD
+++ b/main/freeradius/APKBUILD
@@ -21,6 +21,7 @@ subpackages="$pkgname-doc $pkgname-dev $pkgname-ldap $pkgname-lib
source="ftp://ftp.freeradius.org/pub/freeradius/$pkgname-server-$pkgver.tar.gz
freeradius.confd
freeradius.initd
+ CVE-2014-2015.patch
"
_builddir="$srcdir"/$pkgname-server-$pkgver
@@ -230,10 +231,13 @@ webif() {
md5sums="3186e75882c5aaed699da55be10511fe freeradius-server-2.2.3.tar.gz
fc6693f3df5a0694610110287a28568a freeradius.confd
-b3eefdfc466d80c241cd1bb11face405 freeradius.initd"
+b3eefdfc466d80c241cd1bb11face405 freeradius.initd
+7dd09b1b0631f6bf126517e737c5e576 CVE-2014-2015.patch"
sha256sums="3be1e132f243ac53a7d35e0710bd116e8e126b64a1fc1198034195355072f593 freeradius-server-2.2.3.tar.gz
2d5b3e1af1299373182f2c8021bdf45c29db5d82b0a077b965a16ded32cb6292 freeradius.confd
-719bbe4a44df60e76f68d327f7ee70d4dfd6a95e51f9cb01f850cd4ed153f9de freeradius.initd"
+719bbe4a44df60e76f68d327f7ee70d4dfd6a95e51f9cb01f850cd4ed153f9de freeradius.initd
+d70b898811cbbb9d77d9863a7ba9b243b9782bdc767b586e4e9b8787558f1072 CVE-2014-2015.patch"
sha512sums="d51208d9926872292ef333bcf4e556a7fd06ac78def846c620422258c18ab77f98a22459a78bb92a35e684469d167a018ba2d47d894c32c7368a57e79fba9ede freeradius-server-2.2.3.tar.gz
e248159c0a44f722e405c51c8015d9ad672e42ad0d38ca28f8a051ff911aa4d3e630b9bd4543e9d610940bc4ae50c022594e219ce341b36abe85c572acad418b freeradius.confd
-57f12f06ef9112817204dec4ab2591bcd4baf3c8a033afadb2376e115911f76045c70b7a2c80b294a83dac4e05b1ff22335a3bcc9af1c0760682622ab2cdbd31 freeradius.initd"
+57f12f06ef9112817204dec4ab2591bcd4baf3c8a033afadb2376e115911f76045c70b7a2c80b294a83dac4e05b1ff22335a3bcc9af1c0760682622ab2cdbd31 freeradius.initd
+62d98d8316e147d57de9ac05c05c9703c08bd23e294b95827c58fe976cb3bc5ce040d9e310ada552cb2350dde9e9e2c97e2160210cc1ab5d1ce35889000d7951 CVE-2014-2015.patch"
diff --git a/main/freeradius/CVE-2014-2015.patch b/main/freeradius/CVE-2014-2015.patch
new file mode 100644
index 0000000000..fbd5ff0833
--- /dev/null
+++ b/main/freeradius/CVE-2014-2015.patch
@@ -0,0 +1,35 @@
+From 0d606cfc29ab2e91764854e733d4525e6c667eb9 Mon Sep 17 00:00:00 2001
+From: "Alan T. DeKok" <aland@freeradius.org>
+Date: Thu, 13 Feb 2014 09:29:35 -0500
+Subject: [PATCH] Increase buffer size. Use output buffer size as limit for
+ hex2bin
+
+---
+ src/modules/rlm_pap/rlm_pap.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/modules/rlm_pap/rlm_pap.c b/src/modules/rlm_pap/rlm_pap.c
+index 8ef2152..1492a44 100644
+--- a/src/modules/rlm_pap/rlm_pap.c
++++ b/src/modules/rlm_pap/rlm_pap.c
+@@ -247,7 +247,7 @@ static int base64_decode (const char *src, uint8_t *dst)
+ static void normify(REQUEST *request, VALUE_PAIR *vp, size_t min_length)
+ {
+ size_t decoded;
+- uint8_t buffer[64];
++ uint8_t buffer[256];
+
+ if (min_length >= sizeof(buffer)) return; /* paranoia */
+
+@@ -255,7 +255,7 @@ static void normify(REQUEST *request, VALUE_PAIR *vp, size_t min_length)
+ * Hex encoding.
+ */
+ if (vp->length >= (2 * min_length)) {
+- decoded = fr_hex2bin(vp->vp_strvalue, buffer, vp->length >> 1);
++ decoded = fr_hex2bin(vp->vp_strvalue, buffer, sizeof(buffer));
+ if (decoded == (vp->length >> 1)) {
+ RDEBUG2("Normalizing %s from hex encoding", vp->name);
+ memcpy(vp->vp_octets, buffer, decoded);
+--
+1.8.5.5
+