Thanks for your kind check. I will correct it in Patch v2.

Best Regards,
Fan

On 2015-12-09 20:52, Burton, Ross wrote:
On 9 December 2015 at 02:03, Fan Xin <[email protected] <mailto:[email protected]>> wrote: +++ b/meta/recipes-connectivity/openssl/openssl/Fix-seg-fault-with-0-p-val-in-SKE.patch @@ -0,0 +1,101 @@ +Upstream-Status: Backport + +From ada57746b6b80beae73111fe1291bf8dd89af91c Mon Sep 17 00:00:00 2001 +From: Guy Leaver (guleaver) <[email protected] <mailto:[email protected]>> +Date: Fri, 7 Aug 2015 15:45:21 +0100 +Subject: [PATCH] Fix seg fault with 0 p val in SKE + +If a client receives a ServerKeyExchange for an anon DH ciphersuite with the +value of p set to 0 then a seg fault can occur. This commits adds a test to +reject p, g and pub key parameters that have a 0 value (in accordance with +RFC 5246) + +The security vulnerability only affects master and 1.0.2, but the fix is +additionally applied to 1.0.1 for additional confidence. + +CVE-2015-1794 + +Reviewed-by: Richard Levitte <[email protected] <mailto:[email protected]>> +Reviewed-by: Matt Caswell <[email protected] <mailto:[email protected]>> This patch needs to have your (or whoever actually did the work) signed-off-by inside the patch, alongside the Upstream-Status. Thanks, Ross
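Review bot: State in the header of Fix-seg-fault-with-0-p-val-in-SKE.patch which OpenSSL version this recipe builds. The quoted upstream message says the vulnerability only affects master and 1.0.2 and that 1.0.1 carries the fix for additional confidence, so without the version a reader cannot tell whether this backport closes CVE-2015-1794 here or is only hardening. In the same header, Upstream-Status: Backport is followed directly by the upstream "From ada57746..." line with no Signed-off-by from the person who did the backport; add it next to Upstream-Status. A separate "CVE: CVE-2015-1794" line there would also make the fix easier to find than the mention inside the upstream commit text.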
--
Fujitsu Computer Technologies Limited
Embedded Systems Technology Division, First Firmware Technology Department
Fan Xin (樊 昕) [email protected]
