openssl: Security fix CVE-2016-6303

affects openssl < 1.0.2i Reference: https://www.openssl.org/news/secadv/20160922.txt Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
author: Sona Sarmadi <sona.sarmadi@enea.com> 2016-09-26 12:18:20 +0200
committer: Adrian Dudau <adrian.dudau@enea.com> 2016-09-26 12:49:29 +0200
commit: 744b01090f6cf4984c11bb682693647a62103644 (patch)
tree: 208be72fcded42cf6160f6d5c1905b8088ad4e84
parent: 8ac9ad185c0889af0bfb2fcd90a6987cb972eb0a (diff)
download: meta-el-common-744b01090f6cf4984c11bb682693647a62103644.tar.gz
2 files changed, 37 insertions, 0 deletions
diff --git a/recipes-connectivity/openssl/openssl/CVE-2016-6303.patch b/recipes-connectivity/openssl/openssl/CVE-2016-6303.patch
new file mode 100644
index 0000000..95bdec4
--- /dev/null
+++ b/recipes-connectivity/openssl/openssl/CVE-2016-6303.patch
@@ -0,0 +1,36 @@
+From 1027ad4f34c30b8585592764b9a670ba36888269 Mon Sep 17 00:00:00 2001
+From: "Dr. Stephen Henson" <steve@openssl.org>
+Date: Fri, 19 Aug 2016 23:28:29 +0100
+Subject: [PATCH] Avoid overflow in MDC2_Update()
+Thanks to Shi Lei for reporting this issue.
+CVE-2016-6303
+Reviewed-by: Matt Caswell <matt@openssl.org>
+(cherry picked from commit 55d83bf7c10c7b205fffa23fa7c3977491e56c07)
+Upstream-Status: Backport
+CVE: CVE-2016-6303
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+---
+ crypto/mdc2/mdc2dgst.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/crypto/mdc2/mdc2dgst.c b/crypto/mdc2/mdc2dgst.c
+index 6615cf8..2dce493 100644
+--- a/crypto/mdc2/mdc2dgst.c
+++ b/crypto/mdc2/mdc2dgst.c
+@@ -91,7 +91,7 @@ int MDC2_Update(MDC2_CTX *c, const unsigned char *in, size_t len)
+ 
+     i = c->num;
+     if (i != 0) {
+-        if (i + len < MDC2_BLOCK) {
+        if (len < MDC2_BLOCK - i) {
+             /* partial block */
+             memcpy(&(c->data[i]), in, len);
+             c->num += (int)len;
+-- 
+2.7.4
diff --git a/recipes-connectivity/openssl/openssl_1.0.2h.bbappend b/recipes-connectivity/openssl/openssl_1.0.2h.bbappend
index e07690f..528a77c 100644
--- a/recipes-connectivity/openssl/openssl_1.0.2h.bbappend
+++ b/recipes-connectivity/openssl/openssl_1.0.2h.bbappend
@@ -8,4 +8,5 @@ SRC_URI += "file://CVE-2016-2178.patch \
           file://CVE-2016-2181_p3.patch \
           file://CVE-2016-2182.patch \
           file://CVE-2016-6302.patch \
+           file://CVE-2016-6303.patch \
           "
author	Sona Sarmadi <sona.sarmadi@enea.com>	2016-09-26 12:18:20 +0200
committer	Adrian Dudau <adrian.dudau@enea.com>	2016-09-26 12:49:29 +0200
commit	744b01090f6cf4984c11bb682693647a62103644 (patch)
tree	208be72fcded42cf6160f6d5c1905b8088ad4e84
parent	8ac9ad185c0889af0bfb2fcd90a6987cb972eb0a (diff)
download	meta-el-common-744b01090f6cf4984c11bb682693647a62103644.tar.gz

diff --git a/recipes-connectivity/openssl/openssl/CVE-2016-6303.patch b/recipes-connectivity/openssl/openssl/CVE-2016-6303.patch new file mode 100644 index 0000000..95bdec4 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/CVE-2016-6303.patch
@@ -0,0 +1,36 @@
		1	From 1027ad4f34c30b8585592764b9a670ba36888269 Mon Sep 17 00:00:00 2001
		2	From: "Dr. Stephen Henson" <steve@openssl.org>
		3	Date: Fri, 19 Aug 2016 23:28:29 +0100
		4	Subject: [PATCH] Avoid overflow in MDC2_Update()
		5
		6	Thanks to Shi Lei for reporting this issue.
		7
		8	CVE-2016-6303
		9
		10	Reviewed-by: Matt Caswell <matt@openssl.org>
		11	(cherry picked from commit 55d83bf7c10c7b205fffa23fa7c3977491e56c07)
		12
		13	Upstream-Status: Backport
		14	CVE: CVE-2016-6303
		15	Signed-off-by: Armin Kuster <akuster@mvista.com>
		16
		17	---
		18	crypto/mdc2/mdc2dgst.c \| 2 +-
		19	1 file changed, 1 insertion(+), 1 deletion(-)
		20
		21	diff --git a/crypto/mdc2/mdc2dgst.c b/crypto/mdc2/mdc2dgst.c
		22	index 6615cf8..2dce493 100644
		23	--- a/crypto/mdc2/mdc2dgst.c
		24	+++ b/crypto/mdc2/mdc2dgst.c
		25	@@ -91,7 +91,7 @@ int MDC2_Update(MDC2_CTX c, const unsigned char in, size_t len)
		26
		27	i = c->num;
		28	if (i != 0) {
		29	- if (i + len < MDC2_BLOCK) {
		30	+ if (len < MDC2_BLOCK - i) {
		31	/* partial block */
		32	memcpy(&(c->data[i]), in, len);
		33	c->num += (int)len;
		34	--
		35	2.7.4
		36


diff --git a/recipes-connectivity/openssl/openssl_1.0.2h.bbappend b/recipes-connectivity/openssl/openssl_1.0.2h.bbappend index e07690f..528a77c 100644 --- a/recipes-connectivity/openssl/openssl_1.0.2h.bbappend +++ b/recipes-connectivity/openssl/openssl_1.0.2h.bbappend
@@ -8,4 +8,5 @@ SRC_URI += "file://CVE-2016-2178.patch \
8	file://CVE-2016-2181_p3.patch \	8	file://CVE-2016-2181_p3.patch \
9	file://CVE-2016-2182.patch \	9	file://CVE-2016-2182.patch \
10	file://CVE-2016-6302.patch \	10	file://CVE-2016-6302.patch \
		11	file://CVE-2016-6303.patch \
11	"	12	"