diff options
author | Roy Li <rongqing.li@windriver.com> | 2015-06-05 13:23:28 +0800 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2015-07-19 16:42:14 -0700 |
commit | e3dbf786b143a0d09a9a339aa5f1a66afb6cf90e (patch) | |
tree | f55ad12a555c104f9c3c595b40fc1102a1f17ac8 | |
parent | 0fb90bef8c72bd39574d06c943c7a7220483870b (diff) | |
download | meta-openembedded-e3dbf786b143a0d09a9a339aa5f1a66afb6cf90e.tar.gz |
ipsec-tools: Security Advisory - CVE-2015-4047
This fixed the CVE-2015-4047:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Conflicts:
meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb
-rw-r--r-- | meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch | 36 | ||||
-rw-r--r-- | meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb | 1 |
2 files changed, 37 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch b/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch new file mode 100644 index 000000000..5286376ac --- /dev/null +++ b/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch | |||
@@ -0,0 +1,36 @@ | |||
1 | [PATCH] fix CVE-2015-4047 | ||
2 | |||
3 | Upstream-Status: Backport | ||
4 | |||
5 | http://www.openwall.com/lists/oss-security/2015/05/20/1 | ||
6 | |||
7 | racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause | ||
8 | a denial of service (NULL pointer dereference and IKE daemon crash) via | ||
9 | a series of crafted UDP requests. | ||
10 | |||
11 | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047 | ||
12 | |||
13 | Signed-off-by: Roy Li <rongqing.li@windriver.com> | ||
14 | --- | ||
15 | src/racoon/gssapi.c | 5 +++++ | ||
16 | 1 file changed, 5 insertions(+) | ||
17 | |||
18 | diff --git a/src/racoon/gssapi.c b/src/racoon/gssapi.c | ||
19 | index e64b201..1ad3b42 100644 | ||
20 | --- a/src/racoon/gssapi.c | ||
21 | +++ b/src/racoon/gssapi.c | ||
22 | @@ -192,6 +192,11 @@ gssapi_init(struct ph1handle *iph1) | ||
23 | gss_name_t princ, canon_princ; | ||
24 | OM_uint32 maj_stat, min_stat; | ||
25 | |||
26 | + if (iph1->rmconf == NULL) { | ||
27 | + plog(LLV_ERROR, LOCATION, NULL, "no remote config\n"); | ||
28 | + return -1; | ||
29 | + } | ||
30 | + | ||
31 | gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state)); | ||
32 | if (gps == NULL) { | ||
33 | plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n"); | ||
34 | -- | ||
35 | 1.9.1 | ||
36 | |||
diff --git a/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb b/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb index 8cc55ef8a..c526820aa 100644 --- a/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb +++ b/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb | |||
@@ -15,6 +15,7 @@ SRC_URI = "ftp://ftp.netbsd.org/pub/NetBSD/misc/ipsec-tools/0.8/ipsec-tools-${PV | |||
15 | file://racoon-check-invalid-ivm.patch \ | 15 | file://racoon-check-invalid-ivm.patch \ |
16 | file://glibc-2.20.patch \ | 16 | file://glibc-2.20.patch \ |
17 | file://racoon-Resend-UPDATE-message-when-received-EINTR-message.patch \ | 17 | file://racoon-Resend-UPDATE-message-when-received-EINTR-message.patch \ |
18 | file://fix-CVE-2015-4047.patch \ | ||
18 | " | 19 | " |
19 | SRC_URI[md5sum] = "d53ec14a0a3ece64e09e5e34b3350b41" | 20 | SRC_URI[md5sum] = "d53ec14a0a3ece64e09e5e34b3350b41" |
20 | SRC_URI[sha256sum] = "8eb6b38716e2f3a8a72f1f549c9444c2bc28d52c9536792690564c74fe722f2d" | 21 | SRC_URI[sha256sum] = "8eb6b38716e2f3a8a72f1f549c9444c2bc28d52c9536792690564c74fe722f2d" |