diff options
| author | AmatCoder <amatcoder@gmail.com> | 2015-07-25 12:02:35 +0000 |
|---|---|---|
| committer | Francesco Colista <fcolista@alpinelinux.org> | 2015-07-27 09:23:10 +0000 |
| commit | 2fa921762fbacef668ac6339853f0643ad39d833 (patch) | |
| tree | 40efc0008e917bec1486c9d820a02042f52e6bc6 /testing/crypto++ | |
| parent | 801d164bbe5bf09430d1e5882a2ff10aed2fc8cb (diff) | |
| download | aports-2fa921762fbacef668ac6339853f0643ad39d833.tar.bz2 aports-2fa921762fbacef668ac6339853f0643ad39d833.tar.xz | |
testing/crypto++: security fix for CVE-2015-2141
Diffstat (limited to 'testing/crypto++')
| -rw-r--r-- | testing/crypto++/APKBUILD | 14 | ||||
| -rw-r--r-- | testing/crypto++/CVE-2015-2141.patch | 32 |
2 files changed, 41 insertions, 5 deletions
diff --git a/testing/crypto++/APKBUILD b/testing/crypto++/APKBUILD index 77fa512c3f..6632f7c894 100644 --- a/testing/crypto++/APKBUILD +++ b/testing/crypto++/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: August Klein <amatcoder_at_gmail.com> pkgname=crypto++ pkgver=5.6.2 -pkgrel=1 +pkgrel=2 pkgdesc="A free C++ class library of cryptographic schemes" url="http://www.cryptopp.com" arch="all" @@ -12,7 +12,8 @@ depends_dev="" makedepends="$depends_dev" install="" subpackages="$pkgname-dev" -source="http://downloads.sourceforge.net/cryptopp/cryptopp562.zip" +source="http://downloads.sourceforge.net/cryptopp/cryptopp562.zip + CVE-2015-2141.patch" _builddir="$srcdir" prepare() { @@ -41,6 +42,9 @@ package() { cp *.h "$pkgdir"/usr/include/cryptopp || return 1 } -md5sums="7ed022585698df48e65ce9218f6c6a67 cryptopp562.zip" -sha256sums="5cbfd2fcb4a6b3aab35902e2e0f3b59d9171fee12b3fc2b363e1801dfec53574 cryptopp562.zip" -sha512sums="016ca7ebad1091d67ad0bc5ccb7549d96d4af6b563d9d5a612cae27b3d1a3514c41b954e319fed91c820e8c701e3aa43da186e0864bf959ce4afd1539248ebbe cryptopp562.zip" +md5sums="7ed022585698df48e65ce9218f6c6a67 cryptopp562.zip +7ff9a215b9244b4f8a17c7185e27beda CVE-2015-2141.patch" +sha256sums="5cbfd2fcb4a6b3aab35902e2e0f3b59d9171fee12b3fc2b363e1801dfec53574 cryptopp562.zip +611980b01fd4292bc40b929e62a0cdecf1ea87c8b4639bca7c286b83c8c948fc CVE-2015-2141.patch" +sha512sums="016ca7ebad1091d67ad0bc5ccb7549d96d4af6b563d9d5a612cae27b3d1a3514c41b954e319fed91c820e8c701e3aa43da186e0864bf959ce4afd1539248ebbe cryptopp562.zip +4407833fbfb44c3571edccd916323a97427ee3c0f37b49d5a6851a196e6913954801cb9df3b01b956e8d990904fb710a0a57918c44596e8218b4c08b1b729bf1 CVE-2015-2141.patch" diff --git a/testing/crypto++/CVE-2015-2141.patch b/testing/crypto++/CVE-2015-2141.patch new file mode 100644 index 0000000000..32c5164609 --- /dev/null +++ b/testing/crypto++/CVE-2015-2141.patch @@ -0,0 +1,32 @@ +From 9425e16437439e68c7d96abef922167d68fafaff Mon Sep 17 00:00:00 2001 +From: Jeffrey Walton <noloader@gmail.com> +Date: Sat, 27 Jun 2015 17:56:01 -0400 +Subject: [PATCH] Fix for CVE-2015-2141. Thanks to Evgeny Sidorov for + reporting. Squaring to satisfy Jacobi requirements suggested by JPM. + +--- + rw.cpp | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/rw.cpp b/rw.cpp +index cdd9f2d..0b9318b 100644 +--- a/rw.cpp ++++ b/rw.cpp +@@ -126,10 +126,16 @@ Integer InvertibleRWFunction::CalculateInverse(RandomNumberGenerator &rng, const + DoQuickSanityCheck(); + ModularArithmetic modn(m_n); + Integer r, rInv; +- do { // do this in a loop for people using small numbers for testing ++ ++ // do this in a loop for people using small numbers for testing ++ do { + r.Randomize(rng, Integer::One(), m_n - Integer::One()); ++ // Fix for CVE-2015-2141. Thanks to Evgeny Sidorov for reporting. ++ // Squaring to satisfy Jacobi requirements suggested by JPM. ++ r = modn.Square(r); + rInv = modn.MultiplicativeInverse(r); + } while (rInv.IsZero()); ++ + Integer re = modn.Square(r); + re = modn.Multiply(re, x); // blind + |