diff options
| author | Adrian Dudau <adrian.dudau@enea.com> | 2016-09-27 16:38:51 +0200 |
|---|---|---|
| committer | Martin Borg <martin.borg@enea.com> | 2016-09-29 13:37:39 +0200 |
| commit | 96cf162f9d9e83121ec43a8baf940d4ebc75b811 (patch) | |
| tree | b9f2df27caa54035f33f4aba79bcc060804c0dd4 /recipes-connectivity/openssl/openssl/CVE-2016-2180.patch | |
| parent | f73e0eb5d77764c00d6ae8db10528522fc8516bc (diff) | |
| download | meta-nfv-access-common-krogoth.tar.gz | |
openssl: Revert 9 CVE fixes merged upstreamkrogoth
Revert "openssl: Security fix CVE-2016-6306"
This reverts commit f73e0eb5d77764c00d6ae8db10528522fc8516bc.
Revert "openssl: Security fix CVE-2016-6304"
This reverts commit 35f3007f0e0c56bc2f96ab5893686191d099949f.
Revert "openssl: Security fix CVE-2016-6303"
This reverts commit 744b01090f6cf4984c11bb682693647a62103644.
Revert "openssl: Security fix CVE-2016-6302"
This reverts commit 8ac9ad185c0889af0bfb2fcd90a6987cb972eb0a.
Revert "openssl: Security fix CVE-2016-2182"
This reverts commit c95a5d22dedc5701d18e91e40a0c54802915187d.
Revert "openssl: Security fix CVE-2016-2181"
This reverts commit f0e2e3d84763477138d902f7d48ac2658266aa2b.
Revert "openssl: Security fix CVE-2016-2180"
This reverts commit 5493231d1ff5e9b259cd074245e909b5e39d926e.
Revert "openssl: Security fix CVE-2016-2179"
This reverts commit 331ca6f05824e5b005cbf504233b3c72275181d5.
Revert "openssl: Security fix CVE-2016-2178"
This reverts commit ac47871dfb962355c3c8971cd2fde2e4d03c9790.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
Diffstat (limited to 'recipes-connectivity/openssl/openssl/CVE-2016-2180.patch')
| -rw-r--r-- | recipes-connectivity/openssl/openssl/CVE-2016-2180.patch | 44 |
1 files changed, 0 insertions, 44 deletions
diff --git a/recipes-connectivity/openssl/openssl/CVE-2016-2180.patch b/recipes-connectivity/openssl/openssl/CVE-2016-2180.patch deleted file mode 100644 index c71aaa5..0000000 --- a/recipes-connectivity/openssl/openssl/CVE-2016-2180.patch +++ /dev/null | |||
| @@ -1,44 +0,0 @@ | |||
| 1 | From b746aa3fe05b5b5f7126df247ac3eceeb995e2a0 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: "Dr. Stephen Henson" <steve@openssl.org> | ||
| 3 | Date: Thu, 21 Jul 2016 15:24:16 +0100 | ||
| 4 | Subject: [PATCH] Fix OOB read in TS_OBJ_print_bio(). | ||
| 5 | |||
| 6 | TS_OBJ_print_bio() misuses OBJ_txt2obj: it should print the result | ||
| 7 | as a null terminated buffer. The length value returned is the total | ||
| 8 | length the complete text reprsentation would need not the amount of | ||
| 9 | data written. | ||
| 10 | |||
| 11 | CVE-2016-2180 | ||
| 12 | |||
| 13 | Thanks to Shi Lei for reporting this bug. | ||
| 14 | |||
| 15 | Reviewed-by: Matt Caswell <matt@openssl.org> | ||
| 16 | (cherry picked from commit 0ed26acce328ec16a3aa635f1ca37365e8c7403a) | ||
| 17 | |||
| 18 | Upstream-Status: Backport | ||
| 19 | CVE: CVE-2016-2180 | ||
| 20 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
| 21 | |||
| 22 | --- | ||
| 23 | crypto/ts/ts_lib.c | 5 ++--- | ||
| 24 | 1 file changed, 2 insertions(+), 3 deletions(-) | ||
| 25 | |||
| 26 | diff --git a/crypto/ts/ts_lib.c b/crypto/ts/ts_lib.c | ||
| 27 | index c51538a..e0f1063 100644 | ||
| 28 | --- a/crypto/ts/ts_lib.c | ||
| 29 | +++ b/crypto/ts/ts_lib.c | ||
| 30 | @@ -90,9 +90,8 @@ int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj) | ||
| 31 | { | ||
| 32 | char obj_txt[128]; | ||
| 33 | |||
| 34 | - int len = OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0); | ||
| 35 | - BIO_write(bio, obj_txt, len); | ||
| 36 | - BIO_write(bio, "\n", 1); | ||
| 37 | + OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0); | ||
| 38 | + BIO_printf(bio, "%s\n", obj_txt); | ||
| 39 | |||
| 40 | return 1; | ||
| 41 | } | ||
| 42 | -- | ||
| 43 | 2.7.4 | ||
| 44 | |||