Hello community,

here is the log from the commit of package gnutls for openSUSE:Factory checked 
in at 2018-02-12 10:09:02
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gnutls (Old)
 and      /work/SRC/openSUSE:Factory/.gnutls.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "gnutls"

Mon Feb 12 10:09:02 2018 rev:106 rq:574115 version:3.6.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/gnutls/gnutls.changes    2017-11-10 
14:41:39.418227697 +0100
+++ /work/SRC/openSUSE:Factory/.gnutls.new/gnutls.changes       2018-02-12 
10:09:05.390749385 +0100
@@ -1,0 +2,6 @@
+Wed Feb  7 11:08:54 UTC 2018 - vci...@suse.com
+
+- Sanity check key size in SSSE3 AES cipher implementation (bsc#1074303)
+  * add gnutls-check_aes_keysize.patch
+
+-------------------------------------------------------------------

New:
----
  gnutls-check_aes_keysize.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ gnutls.spec ++++++
--- /var/tmp/diff_new_pack.Ey1luS/_old  2018-02-12 10:09:06.598705851 +0100
+++ /var/tmp/diff_new_pack.Ey1luS/_new  2018-02-12 10:09:06.598705851 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package gnutls
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -35,6 +35,8 @@
 Source3:        baselibs.conf
 Patch1:         gnutls-3.5.11-skip-trust-store-tests.patch
 Patch2:         gnutls-3.6.0-disable-flaky-dtls_resume-test.patch
+# PATCH-FIX-UPSTREAM https://gitlab.com/gnutls/gnutls/merge_requests/592
+Patch3:         gnutls-check_aes_keysize.patch
 BuildRequires:  autogen
 BuildRequires:  automake
 BuildRequires:  datefudge
@@ -158,6 +160,7 @@
 %prep
 %setup -q
 %patch1 -p1
+%patch3 -p1
 # dtls-resume test fails on PPC
 %ifarch ppc64 ppc64le ppc
 %patch2 -p1
@@ -229,7 +232,6 @@
 
 %post -n libgnutlsxx%{gnutlsxx_sover} -p /sbin/ldconfig
 %postun -n libgnutlsxx%{gnutlsxx_sover} -p /sbin/ldconfig
-
 %post -n libgnutls-devel
 %install_info --info-dir=%{_infodir} %{_infodir}/gnutls.info.gz
 


++++++ gnutls-check_aes_keysize.patch ++++++
Index: gnutls-3.6.1/lib/accelerated/x86/aes-cbc-x86-ssse3.c
===================================================================
--- gnutls-3.6.1.orig/lib/accelerated/x86/aes-cbc-x86-ssse3.c   2018-02-06 
14:03:54.986532959 +0100
+++ gnutls-3.6.1/lib/accelerated/x86/aes-cbc-x86-ssse3.c        2018-02-06 
14:04:06.022686653 +0100
@@ -65,6 +65,9 @@ aes_ssse3_cipher_setkey(void *_ctx, cons
        struct aes_ctx *ctx = _ctx;
        int ret;
 
+       if (keysize != 16 && keysize != 24 && keysize != 32)
+               return GNUTLS_E_INVALID_REQUEST;
+
        if (ctx->enc)
                ret =
                    vpaes_set_encrypt_key(userkey, keysize * 8,


Reply via email to