pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2009Q1]: pkgsrc/security/openssl Pullup ticket #2794 - request...
details: https://anonhg.NetBSD.org/pkgsrc/rev/f0e04434b1d0
branches: pkgsrc-2009Q1
changeset: 556866:f0e04434b1d0
user: tron <tron%pkgsrc.org@localhost>
date: Fri Jun 12 11:02:42 2009 +0000
description:
Pullup ticket #2794 - requested by tez
openssl: security patch
Revisions pulled up:
- security/openssl/Makefile 1.140
- security/openssl/distinfo 1.68
- security/openssl/patches/patch-ax 1.1
- security/openssl/patches/patch-ay 1.1
- security/openssl/patches/patch-az 1.1
- security/openssl/patches/patch-ba 1.1
---
Module Name: pkgsrc
Committed By: tez
Date: Wed Jun 10 13:57:08 UTC 2009
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Added Files:
pkgsrc/security/openssl/patches: patch-ax patch-ay patch-az patch-ba
Log Message:
Patches for CVE-2009-1377, CVE-2009-1378 & CVE-2009-1379 from
http://cvs.openssl.org/filediff?f=openssl/ssl/d1_both.c&v1=1.4.2.9&v2=1.4.2.10
http://cvs.openssl.org/filediff?f=openssl/ssl/d1_both.c&v1=1.4.2.13&v2=1.4.2.15
http://cvs.openssl.org/filediff?f=openssl/crypto/pqueue/pqueue.c&v1=1.2.2.4&v2=1.2.2.5
http://cvs.openssl.org/filediff?f=openssl/crypto/pqueue/pqueue.h&v1=1.2.2.1&v2=1.2.2.2
http://cvs.openssl.org/filediff?f=openssl/ssl/d1_pkt.c&v1=1.4.2.17&v2=1.4.2.18
diffstat:
security/openssl/Makefile | 3 +-
security/openssl/distinfo | 6 ++++-
security/openssl/patches/patch-ax | 24 ++++++++++++++++++++++
security/openssl/patches/patch-ay | 13 ++++++++++++
security/openssl/patches/patch-az | 42 +++++++++++++++++++++++++++++++++++++++
security/openssl/patches/patch-ba | 17 +++++++++++++++
6 files changed, 103 insertions(+), 2 deletions(-)
diffs (143 lines):
diff -r 6663b5f3f445 -r f0e04434b1d0 security/openssl/Makefile
--- a/security/openssl/Makefile Fri Jun 12 10:41:40 2009 +0000
+++ b/security/openssl/Makefile Fri Jun 12 11:02:42 2009 +0000
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.138 2009/04/05 15:50:17 tnn Exp $
+# $NetBSD: Makefile,v 1.138.2.1 2009/06/12 11:02:42 tron Exp $
OPENSSL_SNAPSHOT?= # empty
OPENSSL_STABLE?= # empty
OPENSSL_VERS?= 0.9.8k
+PKGREVISION= 1
.if empty(OPENSSL_SNAPSHOT)
DISTNAME= openssl-${OPENSSL_VERS}
diff -r 6663b5f3f445 -r f0e04434b1d0 security/openssl/distinfo
--- a/security/openssl/distinfo Fri Jun 12 10:41:40 2009 +0000
+++ b/security/openssl/distinfo Fri Jun 12 11:02:42 2009 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.66.2.1 2009/04/17 12:23:28 tron Exp $
+$NetBSD: distinfo,v 1.66.2.2 2009/06/12 11:02:42 tron Exp $
SHA1 (openssl-0.9.8k.tar.gz) = 3ba079f91d3c1ec90a36dcd1d43857165035703f
RMD160 (openssl-0.9.8k.tar.gz) = 496df7a5d33457b0d8e3b930a8e5cf068923182c
@@ -11,3 +11,7 @@
SHA1 (patch-ag) = 5f12c72b85e4b6c6a79dfcf87055e9e029fbd8c8
SHA1 (patch-ak) = 049250b9bd42e6f155145703135dab39a7ec17e0
SHA1 (patch-al) = 076a606352bdeaeea1cc64f16be2ac1325882302
+SHA1 (patch-ax) = ef0c657de2aa42baa365b9857583d1c55d0e7d1b
+SHA1 (patch-ay) = 6d5de155e5508cd2237387626c8e1ff7ee603f8e
+SHA1 (patch-az) = aa7ef7192d56979ba09aa1dab8a2cdf9868f9c4a
+SHA1 (patch-ba) = b8ab55c0c6ab4b995cae18517609720f0803e11f
diff -r 6663b5f3f445 -r f0e04434b1d0 security/openssl/patches/patch-ax
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssl/patches/patch-ax Fri Jun 12 11:02:42 2009 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-ax,v 1.1.2.2 2009/06/12 11:02:42 tron Exp $
+
+Part of CVE-2009-1377 fix.
+
+--- crypto/pqueue/pqueue.c.orig 2009-06-08 18:55:59.826213100 -0500
++++ crypto/pqueue/pqueue.c
+@@ -234,3 +234,17 @@ pqueue_next(pitem **item)
+
+ return ret;
+ }
++
++int
++pqueue_size(pqueue_s *pq)
++{
++ pitem *item = pq->items;
++ int count = 0;
++
++ while(item != NULL)
++ {
++ count++;
++ item = item->next;
++ }
++ return count;
++}
diff -r 6663b5f3f445 -r f0e04434b1d0 security/openssl/patches/patch-ay
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssl/patches/patch-ay Fri Jun 12 11:02:42 2009 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ay,v 1.1.2.2 2009/06/12 11:02:42 tron Exp $
+
+Part of CVE-2009-1377 fix.
+
+--- crypto/pqueue/pqueue.h.orig 2009-06-08 18:57:00.672546600 -0500
++++ crypto/pqueue/pqueue.h
+@@ -91,5 +91,6 @@ pitem *pqueue_iterator(pqueue pq);
+ pitem *pqueue_next(piterator *iter);
+
+ void pqueue_print(pqueue pq);
++int pqueue_size(pqueue pq);
+
+ #endif /* ! HEADER_PQUEUE_H */
diff -r 6663b5f3f445 -r f0e04434b1d0 security/openssl/patches/patch-az
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssl/patches/patch-az Fri Jun 12 11:02:42 2009 +0000
@@ -0,0 +1,42 @@
+$NetBSD: patch-az,v 1.1.2.2 2009/06/12 11:02:42 tron Exp $
+
+CVE-2009-1378 and CVE-2009-1379 fixes.
+
+--- ssl/d1_both.c.orig 2009-06-08 18:59:50.629293200 -0500
++++ ssl/d1_both.c
+@@ -519,6 +519,8 @@ dtls1_retrieve_buffered_fragment(SSL *s,
+
+ if ( s->d1->handshake_read_seq == frag->msg_header.seq)
+ {
++ unsigned long frag_len = frag->msg_header.frag_len;
++
+ pqueue_pop(s->d1->buffered_messages);
+
+ al=dtls1_preprocess_fragment(s,&frag->msg_header,max);
+@@ -536,7 +538,7 @@ dtls1_retrieve_buffered_fragment(SSL *s,
+ if (al==0)
+ {
+ *ok = 1;
+- return frag->msg_header.frag_len;
++ return frag_len;
+ }
+
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+@@ -561,7 +563,16 @@ dtls1_process_out_of_seq_message(SSL *s,
+ if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
+ goto err;
+
+- if (msg_hdr->seq <= s->d1->handshake_read_seq)
++ /* Try to find item in queue, to prevent duplicate entries */
++ pq_64bit_init(&seq64);
++ pq_64bit_assign_word(&seq64, msg_hdr->seq);
++ item = pqueue_find(s->d1->buffered_messages, seq64);
++ pq_64bit_free(&seq64);
++
++ /* Discard the message if sequence number was already there, is
++ * too far in the future or the fragment is already in the queue */
++ if (msg_hdr->seq <= s->d1->handshake_read_seq ||
++ msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL)
+ {
+ unsigned char devnull [256];
+
diff -r 6663b5f3f445 -r f0e04434b1d0 security/openssl/patches/patch-ba
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssl/patches/patch-ba Fri Jun 12 11:02:42 2009 +0000
@@ -0,0 +1,17 @@
+$NetBSD: patch-ba,v 1.1.2.2 2009/06/12 11:02:42 tron Exp $
+
+Part of CVE-2009-1377 fix.
+
+--- ssl/d1_pkt.c.orig 2009-06-08 18:58:13.784215600 -0500
++++ ssl/d1_pkt.c
+@@ -167,6 +167,10 @@ dtls1_buffer_record(SSL *s, record_pqueu
+ DTLS1_RECORD_DATA *rdata;
+ pitem *item;
+
++ /* Limit the size of the queue to prevent DOS attacks */
++ if (pqueue_size(queue->q) >= 100)
++ return 0;
++
+ rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
+ item = pitem_new(priority, rdata);
+ if (rdata == NULL || item == NULL)
Home |
Main Index |
Thread Index |
Old Index