|Summary:||[PATCH] security/libressl: backport CVE-2015-0209 & -0288|
|Product:||Ports & Packages||Reporter:||Bernard Spil <brnrd>|
|Component:||Individual Port(s)||Assignee:||Vsevolod Stakhov <vsevolod>|
|Severity:||Affects Some People||CC:||vsevolod|
Description Bernard Spil 2015-03-18 11:33:23 UTC
Created attachment 154472 [details] svn diff for security/libressl Backport of 2 of the 3 "Low" vulnerabilities from tomorrow's to be announced OpenSSL sec vulns. The originator of the High vuln indicated that LibreSSL doesn't seem to be affected, that leaves 3 medium vulns to analyze/fix.
Comment 1 Bernard Spil 2015-03-18 11:35:12 UTC
Created attachment 154473 [details] svn diff for security/libressl
Comment 2 Vsevolod Stakhov 2015-03-18 11:36:28 UTC
Could you please add the entry to the vulnxml port?
Comment 3 Bernard Spil 2015-03-18 11:42:33 UTC
Created attachment 154474 [details] Poudriere testport log of security/libressl
Comment 4 Bernard Spil 2015-03-18 12:18:40 UTC
Comment 5 Bernard Spil 2015-03-18 13:31:26 UTC
Created attachment 154477 [details] svn diff for security/libressl Revised patch... According to upstream "most important part missing"
Comment 6 Bernard Spil 2015-03-18 13:35:52 UTC
Created attachment 154478 [details] Poudriere build log of security/libressl
Comment 7 Kubilay Kocak 2015-03-18 13:52:00 UTC
Bernard, regarding the requested security/vuxml entry, don't hesitate to ask for assistance from #bsddocs or #bsdports folk. You can find more info on the format here: http://www2.au.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/book.html#security-notify
Comment 8 Bernard Spil 2015-03-19 15:19:33 UTC
Created attachment 154518 [details] svn diff for security/libressl Now contains complete patch from GithUb for CVE reference Description Severity CVE-2015-0207 Segmentation fault in DTLSv1_listen moderate CVE-2015-0209 Use After Free following d2i_ECPrivatekey error low CVE-2015-0286 Segmentation fault in ASN1_TYPE_cmp moderate CVE-2015-0287 ASN.1 structure reuse memory corruption moderate CVE-2015-0289 PKCS7 NULL pointer dereferences moderate
Comment 9 Bernard Spil 2015-03-19 15:20:04 UTC
Created attachment 154519 [details] Build log of security/libressl With the patches applied
Comment 10 commit-hook 2015-03-19 15:30:47 UTC
A commit references this bug: Author: vsevolod Date: Thu Mar 19 15:30:30 UTC 2015 New revision: 381603 URL: https://svnweb.freebsd.org/changeset/ports/381603 Log: - Backport the following fixes from openssl : CVE-2015-0207 Segmentation fault in DTLSv1_listen moderate CVE-2015-0209 Use After Free following d2i_ECPrivatekey error low CVE-2015-0286 Segmentation fault in ASN1_TYPE_cmp moderate CVE-2015-0287 ASN.1 structure reuse memory corruption moderate CVE-2015-0289 PKCS7 NULL pointer dereferences moderate - Enable libtls component  - Bump portrevision PR: 198681  Submitted by: Bernard Spil <spil.oss at gmail.com> , naddy  Changes: head/security/libressl/Makefile head/security/libressl/pkg-plist head/security/libressl/security/ head/security/libressl/security/libressl/ head/security/libressl/security/libressl/files/ head/security/libressl/security/libressl/files/patch-crypto_asn1_a__int.c head/security/libressl/security/libressl/files/patch-crypto_asn1_a__set.c head/security/libressl/security/libressl/files/patch-crypto_asn1_a__type.c head/security/libressl/security/libressl/files/patch-crypto_asn1_d2i__pr.c head/security/libressl/security/libressl/files/patch-crypto_asn1_d2i__pu.c head/security/libressl/security/libressl/files/patch-crypto_asn1_n__pkey.c head/security/libressl/security/libressl/files/patch-crypto_asn1_tasn__dec.c head/security/libressl/security/libressl/files/patch-crypto_asn1_x__x509.c head/security/libressl/security/libressl/files/patch-crypto_ec_ec__asn1.c head/security/libressl/security/libressl/files/patch-crypto_pkcs7_pk7__doit.c head/security/libressl/security/libressl/files/patch-crypto_pkcs7_pk7__lib.c head/security/libressl/security/libressl/files/patch-ssl_d1__lib.c
Comment 11 Vsevolod Stakhov 2015-03-19 15:31:55 UTC
I've committed this patch but I'll still appreciate if you could update vulnxml entry accordingly.