author | Armin Kuster <akuster@mvista.com> | 2015-10-26 16:31:22 -0700 |
---|---|---|
committer | Martin Jansa <Martin.Jansa@gmail.com> | 2016-02-08 14:13:39 +0100 |
commit | 5b2e937448371626cf71b761e3bfb06ffb60a7ee (patch) | |
tree | 93dded2f09e03ac611c9d9f333c0562ec75ac62a /meta-networking/recipes-daemons/squid/files/CVE-2015-3455.patch | |
parent | e8a8e0be8e39dbb949bf0f0df90abe1c4e3f6470 (diff) | |
download | meta-openembedded-5b2e937448371626cf71b761e3bfb06ffb60a7ee.tar.gz |
squid: serveral missing security fixes
SQUID-2015:2 - Does not affect Squid-3.4, and older versions are not vulnerable.
CVE-2015-5400
CVE-2015-3455
CVE-2014-7142
CVE-2014-7141
CVE-2014-6270
see http://www.squid-cache.org/Advisories/
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-networking/recipes-daemons/squid/files/CVE-2015-3455.patch')
-rw-r--r-- | meta-networking/recipes-daemons/squid/files/CVE-2015-3455.patch | 53 |
1 files changed, 53 insertions, 0 deletions
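--- /dev/null
+++ b/meta-networking/recipes-daemons/squid/files/CVE-2015-3455.patch
@@ -0,0 +1,53 @@
+Fix: CVE-2015-3455
+
+------------------------------------------------------------
+revno: 13222
+revision-id: squid3@treenet.co.nz-20150501071651-songz1j26frb2ytz
+parent: squid3@treenet.co.nz-20150501071104-vd21fu43lvmqoqwa
+author: Amos Jeffries <amosjeffries@squid-cache.org>, Christos Tsantilas <chtsanti@users.sourceforge.net>
+committer: Amos Jeffries <squid3@treenet.co.nz>
+branch nick: 3.4
+timestamp: Fri 2015-05-01 00:16:51 -0700
+message:
+Fix X509 server certificate domain matching
+
+The X509 certificate domain fields may contain non-ASCII encodings.
+Ensure the domain match algorithm is only passed UTF-8 ASCII-compatible
+strings.
+------------------------------------------------------------
+# Bazaar merge directive format 2 (Bazaar 0.90)
+# revision_id: squid3@treenet.co.nz-20150501071651-songz1j26frb2ytz
+# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# testament_sha1: e38694c3e222c506740510557d2a7a122786225c
+# timestamp: 2015-05-01 07:17:25 +0000
+# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# base_revision_id: squid3@treenet.co.nz-20150501071104-\
+# vd21fu43lvmqoqwa
+#
+# Begin patch
+
+Upstream-Status: Backport
+
+http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13222.patch
+
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+=== modified file 'src/ssl/support.cc'
+--- a/src/ssl/support.cc 2015-01-24 05:07:58 +0000
++++ b/src/ssl/support.cc 2015-05-01 07:16:51 +0000
+@@ -209,7 +209,13 @@
+ if (cn_data->length > (int)sizeof(cn) - 1) {
+ return 1; //if does not fit our buffer just ignore
+ }
+- memcpy(cn, cn_data->data, cn_data->length);
++ char *s = reinterpret_cast<char*>(cn_data->data);
++ char *d = cn;
++ for (int i = 0; i < cn_data->length; ++i, ++d, ++s) {
++ if (*s == '\0')
++ return 1; // always a domain mismatch. contains 0x00
++ *d = *s;
++ }
+ cn[cn_data->length] = '\0';
+ debugs(83, 4, "Verifying server domain " << server << " to certificate name/subjectAltName " << cn);
+ return matchDomainName(server, cn[0] == '*' ? cn + 1 : cn);
+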
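Review bot: The copy loop added at patch lines 43-49 rejects only a 0x00 byte, while the upstream message says the matcher should receive ASCII-compatible strings only; bytes above 0x7F and control characters are still copied into `cn` and reach both the `debugs()` line and `matchDomainName()`. If the backport is meant to stay identical to upstream revno 13222 that is acceptable, but a stricter guard such as `if (*s == '\0' || static_cast<unsigned char>(*s) > 0x7F) return 1;` would match the stated intent; how `matchDomainName()` treats such bytes cannot be seen from this page. The enclosing function in src/ssl/support.cc starts and ends outside the embedded hunk. The diffstat shown here is limited to the patch file, so it is worth confirming that the squid recipe's SRC_URI lists CVE-2015-3455.patch, since otherwise the fix is never applied to the build.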