Bug 198681 - [PATCH] security/libressl: backport CVE-2015-0209 & -0288
Summary: [PATCH] security/libressl: backport CVE-2015-0209 & -0288
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Vsevolod Stakhov
URL:
Keywords: needs-patch, patch
Depends on:
Blocks:
 
Reported: 2015-03-18 11:33 UTC by Bernard Spil
Modified: 2015-03-19 15:32 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (vsevolod)


Attachments
svn diff for security/libressl (3.07 KB, patch)
2015-03-18 11:33 UTC, Bernard Spil
no flags Details | Diff
svn diff for security/libressl (3.07 KB, patch)
2015-03-18 11:35 UTC, Bernard Spil
no flags Details | Diff
Poudriere testport log of security/libressl (258.41 KB, patch)
2015-03-18 11:42 UTC, Bernard Spil
no flags Details | Diff
svn diff for security/libressl (3.24 KB, patch)
2015-03-18 13:31 UTC, Bernard Spil
no flags Details | Diff
Poudriere build log of security/libressl (255.13 KB, text/plain)
2015-03-18 13:35 UTC, Bernard Spil
no flags Details
svn diff for security/libressl (22.46 KB, patch)
2015-03-19 15:19 UTC, Bernard Spil
no flags Details | Diff
Build log of security/libressl (235.08 KB, text/plain)
2015-03-19 15:20 UTC, Bernard Spil
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Bernard Spil freebsd_committer 2015-03-18 11:33:23 UTC
Created attachment 154472 [details]
svn diff for security/libressl

Backport of 2 of the 3 "Low" vulnerabilities from tomorrow's to be announced OpenSSL sec vulns.

The originator of the High vuln indicated that LibreSSL doesn't seem to be affected, that leaves 3 medium vulns to analyze/fix.
Comment 1 Bernard Spil freebsd_committer 2015-03-18 11:35:12 UTC
Created attachment 154473 [details]
svn diff for security/libressl
Comment 2 Vsevolod Stakhov freebsd_committer 2015-03-18 11:36:28 UTC
Could you please add the entry to the vulnxml port?
Comment 3 Bernard Spil freebsd_committer 2015-03-18 11:42:33 UTC
Created attachment 154474 [details]
Poudriere testport log of security/libressl
Comment 5 Bernard Spil freebsd_committer 2015-03-18 13:31:26 UTC
Created attachment 154477 [details]
svn diff for security/libressl

Revised patch... According to upstream "most important part missing"
Comment 6 Bernard Spil freebsd_committer 2015-03-18 13:35:52 UTC
Created attachment 154478 [details]
Poudriere build log of security/libressl
Comment 7 Kubilay Kocak freebsd_committer freebsd_triage 2015-03-18 13:52:00 UTC
Bernard, regarding the requested security/vuxml entry, don't hesitate to ask for assistance from #bsddocs or #bsdports folk.

You can find more info on the format here:

http://www2.au.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/book.html#security-notify
Comment 8 Bernard Spil freebsd_committer 2015-03-19 15:19:33 UTC
Created attachment 154518 [details]
svn diff for security/libressl

Now contains complete patch from GithUb for

CVE reference Description Severity
CVE-2015-0207 Segmentation fault in DTLSv1_listen moderate
CVE-2015-0209 Use After Free following d2i_ECPrivatekey error low
CVE-2015-0286 Segmentation fault in ASN1_TYPE_cmp moderate
CVE-2015-0287 ASN.1 structure reuse memory corruption moderate
CVE-2015-0289 PKCS7 NULL pointer dereferences moderate
Comment 9 Bernard Spil freebsd_committer 2015-03-19 15:20:04 UTC
Created attachment 154519 [details]
Build log of security/libressl

With the patches applied
Comment 10 commit-hook freebsd_committer 2015-03-19 15:30:47 UTC
A commit references this bug:

Author: vsevolod
Date: Thu Mar 19 15:30:30 UTC 2015
New revision: 381603
URL: https://svnweb.freebsd.org/changeset/ports/381603

Log:
  - Backport the following fixes from openssl [1]:
  CVE-2015-0207 Segmentation fault in DTLSv1_listen moderate
  CVE-2015-0209 Use After Free following d2i_ECPrivatekey error low
  CVE-2015-0286 Segmentation fault in ASN1_TYPE_cmp moderate
  CVE-2015-0287 ASN.1 structure reuse memory corruption moderate
  CVE-2015-0289 PKCS7 NULL pointer dereferences moderate
  - Enable libtls component [2]
  - Bump portrevision

  PR:		198681 [1]
  Submitted by:	Bernard Spil <spil.oss at gmail.com> [1], naddy [2]

Changes:
  head/security/libressl/Makefile
  head/security/libressl/pkg-plist
  head/security/libressl/security/
  head/security/libressl/security/libressl/
  head/security/libressl/security/libressl/files/
  head/security/libressl/security/libressl/files/patch-crypto_asn1_a__int.c
  head/security/libressl/security/libressl/files/patch-crypto_asn1_a__set.c
  head/security/libressl/security/libressl/files/patch-crypto_asn1_a__type.c
  head/security/libressl/security/libressl/files/patch-crypto_asn1_d2i__pr.c
  head/security/libressl/security/libressl/files/patch-crypto_asn1_d2i__pu.c
  head/security/libressl/security/libressl/files/patch-crypto_asn1_n__pkey.c
  head/security/libressl/security/libressl/files/patch-crypto_asn1_tasn__dec.c
  head/security/libressl/security/libressl/files/patch-crypto_asn1_x__x509.c
  head/security/libressl/security/libressl/files/patch-crypto_ec_ec__asn1.c
  head/security/libressl/security/libressl/files/patch-crypto_pkcs7_pk7__doit.c
  head/security/libressl/security/libressl/files/patch-crypto_pkcs7_pk7__lib.c
  head/security/libressl/security/libressl/files/patch-ssl_d1__lib.c
Comment 11 Vsevolod Stakhov freebsd_committer 2015-03-19 15:31:55 UTC
I've committed this patch but I'll still appreciate if you could update vulnxml entry accordingly.