author | Leonardo Arena <rnalrd@alpinelinux.org> | 2016-02-25 11:21:45 +0000 |
---|---|---|
committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2016-02-26 13:04:48 +0000 |
commit | 8dd1347d5787eed4fcb1908383288022acf2b16a (patch) | |
tree | 3ff109970f96bf03b686fbf1005404fdb99e999c /main | |
parent | 688a2e4d988804f9f34688392292719f005228b5 (diff) | |
(cherry picked from commit 768394175984cfe44e9536dbcf5c4b822e3dd0b1)
Diffstat (limited to 'main')
-rw-r--r-- | main/nss/APKBUILD | 16 | ||||
-rw-r--r-- | main/nss/CVE-2015-7575-minimal.patch | 21 | ||||
-rw-r--r-- | main/nss/CVE-2016-1938.patch | 77 |
3 files changed, 110 insertions, 4 deletions
diff --git a/main/nss/APKBUILD b/main/nss/APKBUILD
index f9d28341b6..ed8f658f5b 100644
--- a/main/nss/APKBUILD
+++ b/main/nss/APKBUILD
@@ -2,7 +2,7 @@
 pkgname=nss
 pkgver=3.19.2.1
 _ver=${pkgver//./_}
-pkgrel=0
+pkgrel=1
 pkgdesc="Mozilla Network Security Services"
 url="http://www.mozilla.org/projects/security/pki/nss/"
 arch="all"
@@ -16,6 +16,8 @@ source="http://ftp.mozilla.org/pub/security/$pkgname/releases/NSS_${_ver}_RTM/sr
 add_spi+cacert_ca_certs.patch
 ssl-renegotiate-transitional.patch
 fix-cdefs_h.patch
+ CVE-2015-7575-minimal.patch
+ CVE-2016-1938.patch
 "
 depends_dev="nspr-dev"
@@ -144,16 +146,22 @@ c547b030c57fe1ed8b77c73bf52b3ded nss.pc.in
 46bee81908f1e5b26d6a7a2e14c64d9f nss-config.in
 981e0df9e9cb7a9426b316f68911fb17 add_spi+cacert_ca_certs.patch
 2412ff2e97b3ec452cb016f2506a0e08 ssl-renegotiate-transitional.patch
-1f83bc41ffe34190bcc27d146c479772 fix-cdefs_h.patch"
+1f83bc41ffe34190bcc27d146c479772 fix-cdefs_h.patch
+90333c6a61b54c5420600c8a81239c07 CVE-2015-7575-minimal.patch
+07bd1b0124bc01cf79c1f33e61dbb8bd CVE-2016-1938.patch"
 sha256sums="ab7eaf3d6b26e6b238d80a613314adf2d97789ada7eec4c971c93b925f22285e nss-3.19.2.1.tar.gz
 b9f1428ca2305bf30b109507ff335fa00bce5a7ce0434b50acd26ad7c47dd5bd nss.pc.in
 e44ac5095b4d88f24ec7b2e6a9f1581560bd3ad41a3d198596d67ef22f67adb9 nss-config.in
 592aa85184c5edb076c3355f85e50373a59dfcd06a4f4a79621f43df19404c1e add_spi+cacert_ca_certs.patch
 1a49be9d7f835be737825252f50e4ee2869228eb303a087dde7fb81794b92ebd ssl-renegotiate-transitional.patch
-41866089e3d085f05bc4a7e337f2f5740da4eef9021366a450a8fd111f24975c fix-cdefs_h.patch"
+41866089e3d085f05bc4a7e337f2f5740da4eef9021366a450a8fd111f24975c fix-cdefs_h.patch
+cf6b6ffc90940c1c49e1b1e783e58284c8e2a0c0933d7fde3a88ea3ca01ff477 CVE-2015-7575-minimal.patch
+2b2d6aa5f498ba90a671fbaf90f6cc220c21fc9b38ce5c792d40417f919c2e03 CVE-2016-1938.patch"
 sha512sums="92b57fe1986b39076c6062c77710beedecf36cc2a7aaba832c11533096ba9ccaa9acb7f389e69cee209f2459674d589811733b55023dca00fc823a6637a8c496 nss-3.19.2.1.tar.gz
 75dbd648a461940647ff373389cc73bc8ec609139cd46c91bcce866af02be6bcbb0524eb3dfb721fbd5b0bc68c20081ed6f7debf6b24317f2a7ba823e8d3c531 nss.pc.in
 2971669e128f06a9af40a5ba88218fa7c9eecfeeae8b0cf42e14f31ed12bf6fa4c5ce60289e078f50e2669a9376b56b45d7c29d726a7eac69ebe1d1e22dc710b nss-config.in
 6e04556858499aec465d6670818465327ba2cb099061c2afee4b5cac8aa61938e0095906acfb38df6a1b70a6bde6dd69f08bb4c00a9d188e4cb3131b26c1bc16 add_spi+cacert_ca_certs.patch
 c21a82247d87d74cb27575efc517a6771476320ce412cd444e83d0782e29f82552676247da093518b07d3eb7dc67c53cd1901ee8d6f59b342d02e47784c39192 ssl-renegotiate-transitional.patch
-54080ed5e66185bfb9fae6518b8f898213a00a2803900ee13a958664a7e60aee60b51f0c27176344ebf49e9c671f1f62f56280ab9e8c7f206c5df143c3a7d24c fix-cdefs_h.patch"
+54080ed5e66185bfb9fae6518b8f898213a00a2803900ee13a958664a7e60aee60b51f0c27176344ebf49e9c671f1f62f56280ab9e8c7f206c5df143c3a7d24c fix-cdefs_h.patch
+1b5fdcee47c74e796fef8cdb922d89e2cc73ba989fdb1a9209c2e8271659bbf6ead86aa6569d586e7136e18ae530bf69e9e8b3763ebb14f7d7976a6e60dace44 CVE-2015-7575-minimal.patch
+7490d57757dcab0e885fc4336632085df5f0677eb3c98017fc3f53d22e239d7b17cda812630d7b920d5e85832312ff360056e4273c55c26f98253ee4d1a7dbb8 CVE-2016-1938.patch"
diff --git a/main/nss/CVE-2015-7575-minimal.patch b/main/nss/CVE-2015-7575-minimal.patch
new file mode 100644
index 0000000000..36050a8f36
--- /dev/null
+++ b/main/nss/CVE-2015-7575-minimal.patch
@@ -0,0 +1,21 @@
+diff --git a/nss/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
+--- a/nss/lib/ssl/ssl3con.c
++++ b/nss/lib/ssl/ssl3con.c
+@@ -4345,17 +4345,16 @@ ssl3_ConsumeHandshakeVariable(sslSocket
+ }
+
+ /* tlsHashOIDMap contains the mapping between TLS hash identifiers and the
+ * SECOidTag used internally by NSS. */
+ static const struct {
+ int tlsHash;
+ SECOidTag oid;
+ } tlsHashOIDMap[] = {
+- { tls_hash_md5, SEC_OID_MD5 },
+ { tls_hash_sha1, SEC_OID_SHA1 },
+ { tls_hash_sha224, SEC_OID_SHA224 },
+ { tls_hash_sha256, SEC_OID_SHA256 },
+ { tls_hash_sha384, SEC_OID_SHA384 },
+ { tls_hash_sha512, SEC_OID_SHA512 }
+ };
+
+ /* ssl3_TLSHashAlgorithmToOID converts a TLS hash identifier into an OID value.
diff --git a/main/nss/CVE-2016-1938.patch b/main/nss/CVE-2016-1938.patch
new file mode 100644
index 0000000000..c26406d4ab
--- /dev/null
+++ b/main/nss/CVE-2016-1938.patch
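Review bot: CVE-2015-7575-minimal.patch has no preamble saying where the change comes from or why it is "minimal"; its only effect visible here is dropping `{ tls_hash_md5, SEC_OID_MD5 }` from `tlsHashOIDMap` in ssl3con.c. I would add a short header above the inner `diff --git` line, e.g. `CVE-2015-7575: stop mapping tls_hash_md5 to an OID; backport of <UPSTREAM-CHANGESET-PLACEHOLDER>`, so the backport can be checked against upstream later. `ssl3_TLSHashAlgorithmToOID` and its callers are outside the hunk, so whether every MD5 signature path is closed by this table edit alone cannot be confirmed from this page. The inner `diff --git` line also names `b/lib/ssl/ssl3con.c` while the `---`/`+++` lines use `nss/lib/ssl/ssl3con.c`; that should be made consistent.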
@@ -0,0 +1,77 @@
+
+diff --git a/nss/lib/freebl/mpi/mpi.c b/lib/freebl/mpi/mpi.c
+--- a/nss/lib/freebl/mpi/mpi.c
++++ b/nss/lib/freebl/mpi/mpi.c
+@@ -4202,49 +4202,61 @@ mp_err s_mp_div(mp_int *rem, /* i: di
+ /* Perform the division itself...woo! */
+ MP_USED(quot) = MP_ALLOC(quot);
+
+ /* Find a partial substring of rem which is at least div */
+ /* If we didn't find one, we're finished dividing */
+ while (MP_USED(rem) > MP_USED(div) || s_mp_cmp(rem, div) >= 0) {
+ int i;
+ int unusedRem;
++ int partExtended = 0; /* set to true if we need to extend part */
+
+ unusedRem = MP_USED(rem) - MP_USED(div);
+ MP_DIGITS(&part) = MP_DIGITS(rem) + unusedRem;
+ MP_ALLOC(&part) = MP_ALLOC(rem) - unusedRem;
+ MP_USED(&part) = MP_USED(div);
++
++ /* We have now truncated the part of the remainder to the same length as
++ * the divisor. If part is smaller than div, extend part by one digit. */
+ if (s_mp_cmp(&part, div) < 0) {
+ -- unusedRem;
+ #if MP_ARGCHK == 2
+ assert(unusedRem >= 0);
+ #endif
+ -- MP_DIGITS(&part);
+ ++ MP_USED(&part);
+ ++ MP_ALLOC(&part);
++ partExtended = 1;
+ }
+
+ /* Compute a guess for the next quotient digit */
+ q_msd = MP_DIGIT(&part, MP_USED(&part) - 1);
+ div_msd = MP_DIGIT(div, MP_USED(div) - 1);
+- if (q_msd >= div_msd) {
++ if (!partExtended) {
++ /* In this case, q_msd /= div_msd is always 1. First, since div_msd is
++ * normalized to have the high bit set, 2*div_msd > MP_DIGIT_MAX. Since
++ * we didn't extend part, q_msd >= div_msd. Therefore we know that
++ * div_msd <= q_msd <= MP_DIGIT_MAX < 2*div_msd. Dividing by div_msd we
++ * get 1 <= q_msd/div_msd < 2. So q_msd /= div_msd must be 1. */
+ q_msd = 1;
+- } else if (MP_USED(&part) > 1) {
++ } else {
+ #if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
+ q_msd = (q_msd << MP_DIGIT_BIT) | MP_DIGIT(&part, MP_USED(&part) - 2);
+ q_msd /= div_msd;
+ if (q_msd == RADIX)
+ --q_msd;
+ #else
+- mp_digit r;
+- MP_CHECKOK( s_mpv_div_2dx1d(q_msd, MP_DIGIT(&part, MP_USED(&part) - 2),
+- div_msd, &q_msd, &r) );
++ if (q_msd == div_msd) {
++ q_msd = MP_DIGIT_MAX;
++ } else {
++ mp_digit r;
++ MP_CHECKOK( s_mpv_div_2dx1d(q_msd, MP_DIGIT(&part, MP_USED(&part) - 2),
++ div_msd, &q_msd, &r) );
++ }
+ #endif
+- } else {
+- q_msd = 0;
+ }
+ #if MP_ARGCHK == 2
+ assert(q_msd > 0); /* This case should never occur any more. */
+ #endif
+ if (q_msd <= 0)
+ break;
+
+ /* See what that multiplies out to */
+
+
+
+
|
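Review bot: In CVE-2016-1938.patch the rewritten `} else {` branch of `s_mp_div` reads `MP_DIGIT(&part, MP_USED(&part) - 2)` without the `MP_USED(&part) > 1` test that the removed `else if` carried. The index stays in range only because `partExtended` is set right after `++ MP_USED(&part)`, which is an implicit invariant (and assumes `div` has at least one used digit). I would state it at the top of the branch with `/* partExtended implies MP_USED(&part) == MP_USED(div) + 1, so digit MP_USED(&part) - 2 exists */`, or check it in the file's existing style with `assert(MP_USED(&part) > 1);` under `#if MP_ARGCHK == 2`. `s_mp_div` begins and ends outside the hunk, so the types of `q_msd` and `part` were not reviewed.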