FreeBSD Bugzilla – Attachment 154477 Details for
Bug 198681
[PATCH] security/libressl: backport CVE-2015-0209 & -0288
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
svn diff for security/libressl
patch-security_libressl-2.1.5_1 (text/plain), 3.24 KB, created by
Bernard Spil
on 2015-03-18 13:31:26 UTC
(
hide
)
Description:
svn diff for security/libressl
Filename:
MIME Type:
Creator:
Bernard Spil
Created:
2015-03-18 13:31:26 UTC
Size:
3.24 KB
patch
obsolete
>Index: security/libressl/Makefile >=================================================================== >--- security/libressl/Makefile (revision 381535) >+++ security/libressl/Makefile (working copy) >@@ -3,6 +3,7 @@ > > PORTNAME= libressl > PORTVERSION= 2.1.5 >+PORTREVISION= 1 > CATEGORIES= security devel > MASTER_SITES= ${MASTER_SITE_OPENBSD} > MASTER_SITE_SUBDIR= LibreSSL >Index: security/libressl/files/patch-crypto_ec_ec__asn1.c >=================================================================== >--- security/libressl/files/patch-crypto_ec_ec__asn1.c (revision 0) >+++ security/libressl/files/patch-crypto_ec_ec__asn1.c (working copy) >@@ -0,0 +1,46 @@ >+# Backport of CVE-2015-0209 vuln mitigation >+# Fix a failure to NULL a pointer freed on error. >+# >+# Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@chromium.org> >+# CVE-2015-0209 >+ >+--- crypto/ec/ec_asn1.c.orig 2015-02-10 14:54:46 UTC >++++ crypto/ec/ec_asn1.c >+@@ -1043,13 +1043,8 @@ d2i_ECPrivateKey(EC_KEY ** a, const unsi >+ EC_KEY *ret = NULL; >+ EC_PRIVATEKEY *priv_key = NULL; >+ >+- if ((priv_key = EC_PRIVATEKEY_new()) == NULL) { >+- ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE); >+- return NULL; >+- } >+- if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL) { >++ if ((priv_key = d2i_EC_PRIVATEKEY(NULL, in, len)) == NULL) { >+ ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); >+- EC_PRIVATEKEY_free(priv_key); >+ return NULL; >+ } >+ if (a == NULL || *a == NULL) { >+@@ -1058,8 +1053,6 @@ d2i_ECPrivateKey(EC_KEY ** a, const unsi >+ ERR_R_MALLOC_FAILURE); >+ goto err; >+ } >+- if (a) >+- *a = ret; >+ } else >+ ret = *a; >+ >+@@ -1109,10 +1102,12 @@ d2i_ECPrivateKey(EC_KEY ** a, const unsi >+ goto err; >+ } >+ } >++ if (a) >++ *a = ret; >+ ok = 1; >+ err: >+ if (!ok) { >+- if (ret) >++ if (ret && (a == NULL || *a != ret)) >+ EC_KEY_free(ret); >+ ret = NULL; >+ } > >Property changes on: security/libressl/files/patch-crypto_ec_ec__asn1.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/libressl/files/patch-crypto_x509_x509__req.c >=================================================================== >--- security/libressl/files/patch-crypto_x509_x509__req.c (revision 0) >+++ security/libressl/files/patch-crypto_x509_x509__req.c (working copy) >@@ -0,0 +1,17 @@ >+# Backport of CVE-2015-0288 vuln mitigation >+# Check public key is not NULL. >+# >+# CVE-2015-0288 >+# PR#3708 >+ >+--- crypto/x509/x509_req.c.orig 2014-12-06 23:15:50 UTC >++++ crypto/x509/x509_req.c >+@@ -95,6 +95,8 @@ X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey >+ goto err; >+ >+ pktmp = X509_get_pubkey(x); >++ if (pktmp == NULL) >++ goto err; >+ i = X509_REQ_set_pubkey(ret, pktmp); >+ EVP_PKEY_free(pktmp); >+ if (!i) > >Property changes on: security/libressl/files/patch-crypto_x509_x509__req.c >___________________________________________________________________ >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 198681
:
154472
|
154473
|
154474
|
154477
|
154478
|
154518
|
154519