vapier 15/03/04 07:34:28
Added: openssl-1.0.2-CVE-2015-0209.patch
openssl-1.0.2-CVE-2015-0288.patch
Log:
Add fix from upstream for CVE-2015-0209 #541502 by Agostino Sarubbo and
CVE-2015-0288 #542038 by Kristian Fiskerstrand.
(Portage version: 2.2.17/cvs/Linux x86_64, signed Manifest commit with key
D2E96200)
Revision Changes Path
1.1 dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0209.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0209.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0209.patch?rev=1.1&content-type=text/plain
Index: openssl-1.0.2-CVE-2015-0209.patch
===================================================================
https://bugs.gentoo.org/541502
>From 1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a Mon Sep 17 00:00:00 2001
From: Matt Caswell <[email protected]>
Date: Mon, 9 Feb 2015 11:38:41 +0000
Subject: [PATCH] Fix a failure to NULL a pointer freed on error.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Inspired by BoringSSL commit 517073cd4b by Eric Roman <[email protected]>
CVE-2015-0209
Reviewed-by: Emilia Käsper <[email protected]>
---
crypto/ec/ec_asn1.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 30b7df4..d3e8316 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -1014,8 +1014,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char
**in, long len)
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (a)
- *a = ret;
} else
ret = *a;
@@ -1067,10 +1065,12 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned
char **in, long len)
}
}
+ if (a)
+ *a = ret;
ok = 1;
err:
if (!ok) {
- if (ret)
+ if (ret && (a == NULL || *a != ret))
EC_KEY_free(ret);
ret = NULL;
}
--
2.3.1
1.1 dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch?rev=1.1&content-type=text/plain
Index: openssl-1.0.2-CVE-2015-0288.patch
===================================================================
https://bugs.gentoo.org/542038
>From 28a00bcd8e318da18031b2ac8778c64147cd54f9 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <[email protected]>
Date: Wed, 18 Feb 2015 00:34:59 +0000
Subject: [PATCH] Check public key is not NULL.
CVE-2015-0288
PR#3708
Reviewed-by: Matt Caswell <[email protected]>
---
crypto/x509/x509_req.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
index bc6e566..01795f4 100644
--- a/crypto/x509/x509_req.c
+++ b/crypto/x509/x509_req.c
@@ -92,6 +92,8 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const
EVP_MD *md)
goto err;
pktmp = X509_get_pubkey(x);
+ if (pktmp == NULL)
+ goto err;
i = X509_REQ_set_pubkey(ret, pktmp);
EVP_PKEY_free(pktmp);
if (!i)
--
2.3.1
