diff options
Diffstat (limited to 'main/libtasn1')
-rw-r--r-- | main/libtasn1/APKBUILD | 10 | ||||
-rw-r--r-- | main/libtasn1/CVE-2017-6891.patch | 43 |
2 files changed, 4 insertions, 49 deletions
diff --git a/main/libtasn1/APKBUILD b/main/libtasn1/APKBUILD index a94619b8da..cbc7e5eafe 100644 --- a/main/libtasn1/APKBUILD +++ b/main/libtasn1/APKBUILD @@ -1,16 +1,15 @@ # Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=libtasn1 -pkgver=4.10 -pkgrel=1 +pkgver=4.12 +pkgrel=0 pkgdesc="The ASN.1 library used in GNUTLS" url="http://www.gnu.org/software/gnutls/" arch="all" license="GPL3 LGPL" makedepends="texinfo" subpackages="$pkgname-dev $pkgname-doc" -source="ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.gz - CVE-2017-6891.patch" +source="ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.gz" builddir="$srcdir/$pkgname-$pkgver" # secfixes: @@ -35,5 +34,4 @@ package() { make DESTDIR="$pkgdir" install || return 1 } -sha512sums="614e93128e6be8f46a2ad46e2a515e2edfb1f5a2e90c9e5da02d3afc0a882dc956632dd2b1eddd6b0e258e7b58a82d5d745d8ccd23120d94bb0af48132ed1a18 libtasn1-4.10.tar.gz -82972045d29afe8b4a4e240ae45e6417de46f1057ba48026ba5ed5679054dbc469194a34ede9007925bf7bfbc91c93f31aafc1dcdac8ffc4d8c0798e08c7f880 CVE-2017-6891.patch" +sha512sums="6c551670949881193e39122f72948e4999ff1ba377f9ee5963d0a4ad1b84256e4fe42e9f6d6a2aa9f7d4ef7acc0e5174fb5cc3df5298524cdeda92f4b8c104f7 libtasn1-4.12.tar.gz" diff --git a/main/libtasn1/CVE-2017-6891.patch b/main/libtasn1/CVE-2017-6891.patch deleted file mode 100644 index 320068b6de..0000000000 --- a/main/libtasn1/CVE-2017-6891.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 5520704d075802df25ce4ffccc010ba1641bd484 Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos <nmav@redhat.com> -Date: Thu, 18 May 2017 18:03:34 +0200 -Subject: [PATCH] asn1_find_node: added safety check on asn1_find_node() - -This prevents a stack overflow in asn1_find_node() which -is triggered by too long variable names in the definitions -files. That means that applications have to deliberately -pass a too long 'name' constant to asn1_write_value() -and friends. Reported by Jakub Jirasek. - -Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> ---- - lib/parser_aux.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/lib/parser_aux.c b/lib/parser_aux.c -index b4a7370..976ab38 100644 ---- a/lib/parser_aux.c -+++ b/lib/parser_aux.c -@@ -120,6 +120,9 @@ asn1_find_node (asn1_node pointer, const char *name) - if (n_end) - { - nsize = n_end - n_start; -+ if (nsize >= sizeof(n)) -+ return NULL; -+ - memcpy (n, n_start, nsize); - n[nsize] = 0; - n_start = n_end; -@@ -158,6 +161,9 @@ asn1_find_node (asn1_node pointer, const char *name) - if (n_end) - { - nsize = n_end - n_start; -+ if (nsize >= sizeof(n)) -+ return NULL; -+ - memcpy (n, n_start, nsize); - n[nsize] = 0; - n_start = n_end; --- -1.9.1 - |