Another update needed for the new gnupg2.
The local CVE patches are dropped, as they are already applied upstream.
OK?
Index: Makefile
===================================================================
RCS file: /home/edd/cvsync/ports/security/libksba/Makefile,v
retrieving revision 1.15
diff -u -p -r1.15 Makefile
--- Makefile 1 Jul 2016 07:40:23 -0000 1.15
+++ Makefile 3 Sep 2016 11:24:32 -0000
@@ -2,11 +2,10 @@
COMMENT = X.509 library
-DISTNAME = libksba-1.3.3
-REVISION = 0
+DISTNAME = libksba-1.3.5
CATEGORIES = security
-SHARED_LIBS = ksba 0.2 #19
+SHARED_LIBS = ksba 0.3 # 19.6
MASTER_SITES = ${MASTER_SITES_GNUPG:=libksba/}
Index: distinfo
===================================================================
RCS file: /home/edd/cvsync/ports/security/libksba/distinfo,v
retrieving revision 1.5
diff -u -p -r1.5 distinfo
--- distinfo 18 Apr 2015 14:30:06 -0000 1.5
+++ distinfo 3 Sep 2016 11:20:17 -0000
@@ -1,2 +1,2 @@
-SHA256 (libksba-1.3.3.tar.bz2) = DH9f/jTQQU9pUdmICkb8wphcSH98NjabnxGtQRMcd4Y=
-SIZE (libksba-1.3.3.tar.bz2) = 618698
+SHA256 (libksba-1.3.5.tar.bz2) = QURP16b/c6ea2XKPmF5xybqM0+XlM1jnDV8GbTXBo0A=
+SIZE (libksba-1.3.5.tar.bz2) = 620649
Index: patches/patch-src_ber-help_c
===================================================================
RCS file: patches/patch-src_ber-help_c
diff -N patches/patch-src_ber-help_c
--- patches/patch-src_ber-help_c 1 Jul 2016 07:40:23 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,22 +0,0 @@
-$OpenBSD: patch-src_ber-help_c,v 1.1 2016/07/01 07:40:23 jasper Exp $
-
-CVE-2016-4579
-http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=a7eed17a0b2a1c09ef986f3b4b323cd31cea2b64
-
---- src/ber-help.c.orig Fri Mar 15 20:26:38 2013
-+++ src/ber-help.c Thu Jun 30 15:58:00 2016
-@@ -285,8 +285,14 @@ _ksba_ber_parse_tl (unsigned char const **buffer, size
- ti->buf[ti->nhdr++] = c;
- len |= c & 0xff;
- }
-+ /* Sanity check for the length: This is done so that we can take
-+ * the value for malloc plus some additional bytes without
-+ * risking an overflow. */
-+ if (len > (1 << 30))
-+ return gpg_error (GPG_ERR_BAD_BER);
- ti->length = len;
- }
-+
-
- /* Without this kludge some example certs can't be parsed */
- if (ti->class == CLASS_UNIVERSAL && !ti->tag)
Index: patches/patch-src_cert_c
===================================================================
RCS file: patches/patch-src_cert_c
diff -N patches/patch-src_cert_c
--- patches/patch-src_cert_c 1 Jul 2016 07:40:23 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,53 +0,0 @@
-$OpenBSD: patch-src_cert_c,v 1.1 2016/07/01 07:40:23 jasper Exp $
-
-CVE-2016-4579
-http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=a7eed17a0b2a1c09ef986f3b4b323cd31cea2b64
-
---- src/cert.c.orig Tue Apr 15 21:37:19 2014
-+++ src/cert.c Thu Jun 30 15:58:00 2016
-@@ -1335,9 +1335,15 @@ ksba_cert_get_cert_policies (ksba_cert_t cert, char **
- err = gpg_error (GPG_ERR_NOT_DER_ENCODED);
- goto leave;
- }
-+ if (ti.length > derlen)
-+ {
-+ err = gpg_error (GPG_ERR_BAD_BER);
-+ goto leave;
-+ }
- if (!ti.length)
- {
-- err = gpg_error (GPG_ERR_INV_CERT_OBJ); /* no empty inner
SEQ */
-+ /* We do not accept an empty inner SEQ */
-+ err = gpg_error (GPG_ERR_INV_CERT_OBJ);
- goto leave;
- }
- if (ti.nhdr+ti.length > seqlen)
-@@ -1356,6 +1362,11 @@ ksba_cert_get_cert_policies (ksba_cert_t cert, char **
- err = gpg_error (GPG_ERR_INV_CERT_OBJ);
- goto leave;
- }
-+ if (ti.length > derlen)
-+ {
-+ err = gpg_error (GPG_ERR_BAD_BER);
-+ goto leave;
-+ }
- if (ti.nhdr+ti.length > seqseqlen)
- {
- err = gpg_error (GPG_ERR_BAD_BER);
-@@ -1456,6 +1467,16 @@ ksba_cert_get_ext_key_usages (ksba_cert_t cert, char *
- if ( !(ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_OBJECT_ID))
- {
- err = gpg_error (GPG_ERR_INV_CERT_OBJ);
-+ goto leave;
-+ }
-+ if (ti.ndef)
-+ {
-+ err = gpg_error (GPG_ERR_NOT_DER_ENCODED);
-+ goto leave;
-+ }
-+ if (ti.length > derlen)
-+ {
-+ err = gpg_error (GPG_ERR_BAD_BER);
- goto leave;
- }
-
Index: patches/patch-src_dn_c
===================================================================
RCS file: patches/patch-src_dn_c
diff -N patches/patch-src_dn_c
--- patches/patch-src_dn_c 1 Jul 2016 07:40:23 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,20 +0,0 @@
-$OpenBSD: patch-src_dn_c,v 1.1 2016/07/01 07:40:23 jasper Exp $
-
-CVE-2016-4574
-http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=6be61daac047d8e6aa941eb103f8e71a1d4e3c75
-
---- src/dn.c.orig Wed Apr 8 18:37:07 2015
-+++ src/dn.c Thu Jun 30 15:59:00 2016
-@@ -332,11 +332,8 @@ append_utf8_value (const unsigned char *value, size_t
- }
- else
- {
-- if (n+nmore > length)
-- nmore = length - n; /* Oops, encoding to short */
--
- tmp[0] = *s++; n++;
-- for (i=1; i <= nmore; i++)
-+ for (i=1; n < length && i <= nmore; i++)
- {
- if ( (*s & 0xc0) != 0x80)
- break; /* Invalid encoding - let the next cycle detect this.
*/
Index: patches/patch-src_name_c
===================================================================
RCS file: patches/patch-src_name_c
diff -N patches/patch-src_name_c
--- patches/patch-src_name_c 1 Jul 2016 07:40:23 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,17 +0,0 @@
-$OpenBSD: patch-src_name_c,v 1.1 2016/07/01 07:40:23 jasper Exp $
-
-
-CVE-2016-4579
-http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=a7eed17a0b2a1c09ef986f3b4b323cd31cea2b64
-
---- src/name.c.orig Fri Mar 15 20:26:38 2013
-+++ src/name.c Thu Jun 30 15:58:00 2016
-@@ -113,7 +113,7 @@ _ksba_name_new_from_der (ksba_name_t *r_name,
-
- *r_name = NULL;
-
-- /* count and check for encoding errors - we won;t do this again
-+ /* Count and check for encoding errors - we won't do this again
- during the second pass */
- der = image;
- derlen = imagelen;
Index: patches/patch-src_ocsp_c
===================================================================
RCS file: patches/patch-src_ocsp_c
diff -N patches/patch-src_ocsp_c
--- patches/patch-src_ocsp_c 1 Jul 2016 07:40:23 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,16 +0,0 @@
-$OpenBSD: patch-src_ocsp_c,v 1.1 2016/07/01 07:40:23 jasper Exp $
-
-CVE-2016-4579
-http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=a7eed17a0b2a1c09ef986f3b4b323cd31cea2b64
-
---- src/ocsp.c.orig Fri Mar 15 20:26:38 2013
-+++ src/ocsp.c Thu Jun 30 15:58:00 2016
-@@ -231,6 +231,8 @@ parse_asntime_into_isotime (unsigned char const **buf,
- && (ti.tag == TYPE_UTC_TIME || ti.tag == TYPE_GENERALIZED_TIME)
- && !ti.is_constructed) )
- err = gpg_error (GPG_ERR_INV_OBJ);
-+ else if (ti.length > *len)
-+ err = gpg_error (GPG_ERR_INV_BER);
- else if (!(err = _ksba_asntime_to_iso (*buf, ti.length,
- ti.tag == TYPE_UTC_TIME, isotime)))
- parse_skip (buf, len, &ti);
--
Best Regards
Edd Barrett
http://www.theunixzoo.co.uk