[packages/openssl102: 286/432] - rel 2; fixes CVE-2009-1377 CVE-2009-1378 CVE-2009-1379; enable tlsext and rfc3779
adwol
adwol at pld-linux.org
Sat Sep 29 01:25:36 CEST 2018
commit 215c1d6f9262ddd79cd1e429150c564da8f86251
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Tue Jul 28 15:44:54 2009 +0000
- rel 2; fixes CVE-2009-1377 CVE-2009-1378 CVE-2009-1379; enable tlsext and rfc3779
Changed files:
openssl-CVE-2009-1377-1378-1379.patch -> 1.1
openssl.spec -> 1.205
openssl-CVE-2009-1377-1378-1379.patch | 83 +++++++++++++++++++++++++++++++++++
openssl.spec | 18 ++++----
2 files changed, 93 insertions(+), 8 deletions(-)
---
diff --git a/openssl.spec b/openssl.spec
index 1a6c93d..a4a6041 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -15,7 +15,7 @@ Summary(ru.UTF-8): Библиотеки и утилиты для соедине
Summary(uk.UTF-8): Бібліотеки та утиліти для з'єднань через Secure Sockets Layer
Name: openssl
Version: 0.9.8k
-Release: 1
+Release: 2
License: Apache-like
Group: Libraries
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
@@ -32,13 +32,8 @@ Patch5: %{name}-man-namespace.patch
Patch6: %{name}-asflag.patch
Patch7: %{name}-ca-certificates.patch
Patch8: %{name}-fips_install.patch
+Patch9: %{name}-CVE-2009-1377-1378-1379.patch
URL: http://www.openssl.org/
-# problem with =< 1.0.0beta2
-# Fixes should be in sourcecode
-BuildRequires: security(CVE-2009-1377)
-BuildRequires: security(CVE-2009-1378)
-BuildRequires: security(CVE-2009-1379)
-##
BuildRequires: bc
BuildRequires: perl-devel >= 1:5.6.1
BuildRequires: rpm-perlprov >= 4.1-13
@@ -207,6 +202,7 @@ бібліотеки для розробки програм з використ
%patch6 -p1
%patch7 -p1
%patch8 -p0
+%patch9 -p1
%{__perl} -pi -e 's#%{_prefix}/local/bin/perl#%{__perl}#g' \
`grep -l -r "%{_prefix}/local/bin/perl" *`
@@ -227,7 +223,13 @@ OPTFLAGS="%{rpmcflags} %{?with_purify:-DPURIFY}" \
%endif
--lib=%{_lib} \
shared threads \
- enable-mdc2 enable-rc5 enable-tlsext \
+ enable-tlsext \
+ enable-seed \
+ enable-rfc3779 \
+ enable-cms \
+ enable-idea \
+ enable-mdc2 \
+ enable-rc5 \
%ifarch %{ix86}
%ifarch i386
386 linux-elf
diff --git a/openssl-CVE-2009-1377-1378-1379.patch b/openssl-CVE-2009-1377-1378-1379.patch
new file mode 100644
index 0000000..873071e
--- /dev/null
+++ b/openssl-CVE-2009-1377-1378-1379.patch
@@ -0,0 +1,83 @@
+diff -up openssl-0.9.8k/crypto/pqueue/pqueue.c.dtls-dos openssl-0.9.8k/crypto/pqueue/pqueue.c
+--- openssl-0.9.8k/crypto/pqueue/pqueue.c.dtls-dos 2005-06-28 14:53:33.000000000 +0200
++++ openssl-0.9.8k/crypto/pqueue/pqueue.c 2009-05-21 18:26:29.000000000 +0200
+@@ -234,3 +234,17 @@ pqueue_next(pitem **item)
+
+ return ret;
+ }
++
++int
++pqueue_size(pqueue_s *pq)
++{
++ pitem *item = pq->items;
++ int count = 0;
++
++ while(item != NULL)
++ {
++ count++;
++ item = item->next;
++ }
++ return count;
++}
+diff -up openssl-0.9.8k/crypto/pqueue/pqueue.h.dtls-dos openssl-0.9.8k/crypto/pqueue/pqueue.h
+--- openssl-0.9.8k/crypto/pqueue/pqueue.h.dtls-dos 2009-04-21 11:43:58.000000000 +0200
++++ openssl-0.9.8k/crypto/pqueue/pqueue.h 2009-05-21 18:26:29.000000000 +0200
+@@ -91,5 +91,6 @@ pitem *pqueue_iterator(pqueue pq);
+ pitem *pqueue_next(piterator *iter);
+
+ void pqueue_print(pqueue pq);
++int pqueue_size(pqueue pq);
+
+ #endif /* ! HEADER_PQUEUE_H */
+diff -up openssl-0.9.8k/ssl/d1_both.c.dtls-dos openssl-0.9.8k/ssl/d1_both.c
+--- openssl-0.9.8k/ssl/d1_both.c.dtls-dos 2007-10-17 23:17:49.000000000 +0200
++++ openssl-0.9.8k/ssl/d1_both.c 2009-05-21 18:26:29.000000000 +0200
+@@ -519,6 +519,7 @@ dtls1_retrieve_buffered_fragment(SSL *s,
+
+ if ( s->d1->handshake_read_seq == frag->msg_header.seq)
+ {
++ unsigned long frag_len = frag->msg_header.frag_len;
+ pqueue_pop(s->d1->buffered_messages);
+
+ al=dtls1_preprocess_fragment(s,&frag->msg_header,max);
+@@ -536,7 +537,7 @@ dtls1_retrieve_buffered_fragment(SSL *s,
+ if (al==0)
+ {
+ *ok = 1;
+- return frag->msg_header.frag_len;
++ return frag_len;
+ }
+
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+@@ -561,7 +562,16 @@ dtls1_process_out_of_seq_message(SSL *s,
+ if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
+ goto err;
+
+- if (msg_hdr->seq <= s->d1->handshake_read_seq)
++ /* Try to find item in queue, to prevent duplicate entries */
++ pq_64bit_init(&seq64);
++ pq_64bit_assign_word(&seq64, msg_hdr->seq);
++ item = pqueue_find(s->d1->buffered_messages, seq64);
++ pq_64bit_free(&seq64);
++
++ /* Discard the message if sequence number was already there, is
++ * too far in the future or the fragment is already in the queue */
++ if (msg_hdr->seq <= s->d1->handshake_read_seq ||
++ msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL)
+ {
+ unsigned char devnull [256];
+
+diff -up openssl-0.9.8k/ssl/d1_pkt.c.dtls-dos openssl-0.9.8k/ssl/d1_pkt.c
+--- openssl-0.9.8k/ssl/d1_pkt.c.dtls-dos 2009-04-21 11:44:02.000000000 +0200
++++ openssl-0.9.8k/ssl/d1_pkt.c 2009-05-21 18:26:29.000000000 +0200
+@@ -167,6 +167,10 @@ dtls1_buffer_record(SSL *s, record_pqueu
+ DTLS1_RECORD_DATA *rdata;
+ pitem *item;
+
++ /* Limit the size of the queue to prevent DOS attacks */
++ if (pqueue_size(queue->q) >= 100)
++ return 0;
++
+ rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
+ item = pitem_new(priority, rdata);
+ if (rdata == NULL || item == NULL)
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/openssl102.git/commitdiff/9fc1b1b87b259e8a327c99835865e91a391efc9e
More information about the pld-cvs-commit
mailing list