summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArmin Kuster <akuster808@gmail.com>2016-10-03 00:11:14 (GMT)
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-12-06 22:46:44 (GMT)
commit1f8eb08791b3a661d56e0498c2386c5ad2859bc4 (patch)
treea1b0907cd61583cf68e69f86ea32978c78fdab94
parentb9c389404f7fb73aa10572477e8929cadf05898e (diff)
downloadpoky-1f8eb08791b3a661d56e0498c2386c5ad2859bc4.tar.gz
gnutils: Security fix CVE-2016-7444
affects gnutls < 3.3.24 (From OE-Core rev: c0a682cfeedfc8976324a3bba863f1d9b0127d76) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch31
-rw-r--r--meta/recipes-support/gnutls/gnutls_3.3.17.1.bb1
2 files changed, 32 insertions, 0 deletions
diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch b/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch
new file mode 100644
index 0000000..2bb0626
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch
@@ -0,0 +1,31 @@
1From 964632f37dfdfb914ebc5e49db4fa29af35b1de9 Mon Sep 17 00:00:00 2001
2From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3Date: Sat, 27 Aug 2016 17:00:22 +0200
4Subject: [PATCH] ocsp: corrected the comparison of the serial size in OCSP
5 response
6
7Previously the OCSP certificate check wouldn't verify the serial length
8and could succeed in cases it shouldn't.
9
10Reported by Stefan Buehler.
11
12Upstream-Status: Backport
13CVE: CVE-2016-7444
14Signed-off-by: Armin Kuster <akuster@mvista.com>
15
16---
17 lib/x509/ocsp.c | 1 +
18 1 file changed, 1 insertion(+)
19
20Index: gnutls-3.3.17.1/lib/x509/ocsp.c
21===================================================================
22--- gnutls-3.3.17.1.orig/lib/x509/ocsp.c
23+++ gnutls-3.3.17.1/lib/x509/ocsp.c
24@@ -1257,6 +1257,7 @@ gnutls_ocsp_resp_check_crt(gnutls_ocsp_r
25 gnutls_assert();
26 goto cleanup;
27 }
28+ cserial.size = t;
29
30 if (rserial.size != cserial.size
31 || memcmp(cserial.data, rserial.data, rserial.size) != 0) {
diff --git a/meta/recipes-support/gnutls/gnutls_3.3.17.1.bb b/meta/recipes-support/gnutls/gnutls_3.3.17.1.bb
index 0185797..99b2053 100644
--- a/meta/recipes-support/gnutls/gnutls_3.3.17.1.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.3.17.1.bb
@@ -3,6 +3,7 @@ require gnutls.inc
3SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \ 3SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
4 file://configure.ac-fix-sed-command.patch \ 4 file://configure.ac-fix-sed-command.patch \
5 file://use-pkg-config-to-locate-zlib.patch \ 5 file://use-pkg-config-to-locate-zlib.patch \
6 file://CVE-2016-7444.patch \
6 " 7 "
7SRC_URI[md5sum] = "8d01c7e7f2cbc5871fdca832d2260b6b" 8SRC_URI[md5sum] = "8d01c7e7f2cbc5871fdca832d2260b6b"
8SRC_URI[sha256sum] = "b40f158030a92f450a07b20300a3996710ca19800848d9f6fd62493170c5bbb4" 9SRC_URI[sha256sum] = "b40f158030a92f450a07b20300a3996710ca19800848d9f6fd62493170c5bbb4"