Server: cvs.openpkg.org Name: Thomas Lotterer Root: /e/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 18-Mar-2004 10:21:34 Branch: OPENPKG_2_0_SOLID Handle: 2004031809213400 Modified files: (Branch: OPENPKG_2_0_SOLID) openpkg-src/openssl openssl.patch openssl.spec Log: SA-2004.007-openssl; CAN-2004-0079, CAN-2004-0112 Summary: Revision Changes Path 1.13.2.1 +74 -0 openpkg-src/openssl/openssl.patch 1.51.2.2 +1 -1 openpkg-src/openssl/openssl.spec ____________________________________________________________________________ patch -p0 <<'@@ .'
Index: openpkg-src/openssl/openssl.patch
============================================================================
$ cvs diff -u -r1.13 -r1.13.2.1 openssl.patch
--- openpkg-src/openssl/openssl.patch 1 Oct 2003 20:12:19 -0000 1.13
+++ openpkg-src/openssl/openssl.patch 18 Mar 2004 09:21:34 -0000 1.13.2.1
@@ -70,3 +70,77 @@ install_docs: @$(PERL) $(TOP)/util/mkdir-p.pl \ + +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0079 + The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, + and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial + of service (crash) via a crafted SSL/TLS handshake that causes a + null-pointer assignment. + +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0112 + The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, + when using Kerberos ciphersuites, allows remote attackers to cause + a denial of service (crash) via a crafted SSL/TLS handshake, which + causes an out-of-bounds read. + +http://cvs.openssl.org/chngview?cn=12033 + +Index: ssl/s3_pkt.c +=================================================================== +RCS file: /e/openssl/cvs/openssl/ssl/s3_pkt.c,v +retrieving revision 1.46.2.5 +diff -u -p -u -r1.46.2.5 s3_pkt.c +--- ssl/s3_pkt.c 19 Feb 2003 12:04:16 -0000 1.46.2.5 ++++ ssl/s3_pkt.c 16 Mar 2004 14:09:14 -0000 +@@ -1085,6 +1085,14 @@ start: + goto err; + } + ++ /* Check we have a cipher to change to */ ++ if (s->s3->tmp.new_cipher == NULL) ++ { ++ i=SSL_AD_UNEXPECTED_MESSAGE; ++ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY); ++ goto err; ++ } ++ + rr->length=0; + + if (s->msg_callback) + +Index: ssl/s3_srvr.c +=================================================================== +RCS file: /e/openssl/cvs/openssl/ssl/s3_srvr.c,v +retrieving revision 1.85.2.19 +diff -u -p -u -r1.85.2.19 s3_srvr.c +--- ssl/s3_srvr.c 27 Dec 2003 16:09:58 -0000 1.85.2.19 ++++ ssl/s3_srvr.c 16 Mar 2004 14:09:15 -0000 +@@ -1588,11 +1588,27 @@ static int ssl3_get_client_key_exchange( + + n2s(p,i); + enc_ticket.length = i; ++ ++ if (n < enc_ticket.length + 6) ++ { ++ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ++ SSL_R_DATA_LENGTH_TOO_LONG); ++ goto err; ++ } ++ + enc_ticket.data = (char *)p; + p+=enc_ticket.length; + + n2s(p,i); + authenticator.length = i; ++ ++ if (n < enc_ticket.length + 
authenticator.length + 6) ++ { ++ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ++ SSL_R_DATA_LENGTH_TOO_LONG); ++ goto err; ++ } ++ + authenticator.data = (char *)p; + p+=authenticator.length; + + @@ . patch -p0 <<'@@ .' Index: openpkg-src/openssl/openssl.spec ============================================================================ $ cvs diff -u -r1.51.2.1 -r1.51.2.2 openssl.spec --- openpkg-src/openssl/openssl.spec 18 Feb 2004 14:50:38 -0000 1.51.2.1 +++ openpkg-src/openssl/openssl.spec 18 Mar 2004 09:21:34 -0000 1.51.2.2 @@ -34,7 +34,7 @@ Group: Cryptography License: BSD-style Version: 0.9.7c -Release: 2.0.0 +Release: 2.0.1 # package options %option with_zlib no @@ . ______________________________________________________________________ The OpenPKG Project www.openpkg.org CVS Repository Commit List [EMAIL PROTECTED]
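Review bot: In the s3_pkt.c part of the new openssl.patch content, the early-ChangeCipherSpec guard reports the error under `SSL_F_SSL3_GET_CERT_VERIFY`, which is not the function this hunk edits (the code sits in the record-processing path of s3_pkt.c, not in ssl3_get_cert_verify), so the error queue will point anyone debugging a rejected handshake at the wrong place. The same block stores `SSL_AD_UNEXPECTED_MESSAGE` in `i` and then jumps to `err`; if, as I would expect, only a separate `f_err` label sends the pending alert (both labels are outside the hunk), the peer is dropped without a fatal alert and the assignment to `i` is dead. I would change the three lines to `al=SSL_AD_UNEXPECTED_MESSAGE;`, `SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_CCS_RECEIVED_EARLY);` and `goto f_err;`, provided those names exist in the enclosing function, which starts and ends outside the hunk. The s3_srvr.c bounds checks look right as written: the first `n < enc_ticket.length + 6` test also covers the two bytes consumed by the following n2s before the second check runs, though a comment explaining that the `6` is the three two-byte length fields would help the next reader.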