diff options
author | Jussi Kukkonen <jussi.kukkonen@intel.com> | 2016-10-10 11:30:01 +0300 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-10-11 08:27:26 +0100 |
commit | fbdeb3f3e79fc5df0eb1fe42687923a1dca4b61f (patch) | |
tree | 6cf0923ac5e9b24b5038892fa5113806ae6aba0e | |
parent | b9d6a7cc234f44e44e5421191924b7463e9c0a9d (diff) | |
download | poky-fbdeb3f3e79fc5df0eb1fe42687923a1dca4b61f.tar.gz |
gnutls: Backport certificate check fix
Previously the OCSP certificate check wouldn't verify the serial
length and could succeed in cases it shouldn't (CVE-2016-7444).
(From OE-Core rev: d7e97992befd3fa5c1c6616652a3aa723d08c531)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch | 35 | ||||
-rw-r--r-- | meta/recipes-support/gnutls/gnutls_3.5.3.bb | 1 |
2 files changed, 36 insertions, 0 deletions
diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch b/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch new file mode 100644 index 0000000000..215be5a8ec --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch | |||
@@ -0,0 +1,35 @@ | |||
1 | CVE: CVE-2016-7444 | ||
2 | Upstream-Status: Backport | ||
3 | Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> | ||
4 | |||
5 | Upstream commit follows: | ||
6 | |||
7 | |||
8 | From 964632f37dfdfb914ebc5e49db4fa29af35b1de9 Mon Sep 17 00:00:00 2001 | ||
9 | From: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||
10 | Date: Sat, 27 Aug 2016 17:00:22 +0200 | ||
11 | Subject: [PATCH] ocsp: corrected the comparison of the serial size in OCSP response | ||
12 | |||
13 | Previously the OCSP certificate check wouldn't verify the serial length | ||
14 | and could succeed in cases it shouldn't. | ||
15 | |||
16 | Reported by Stefan Buehler. | ||
17 | --- | ||
18 | lib/x509/ocsp.c | 1 + | ||
19 | 1 file changed, 1 insertion(+), 0 deletions(-) | ||
20 | |||
21 | diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c | ||
22 | index 92db9b6..8181f2e 100644 | ||
23 | --- a/lib/x509/ocsp.c | ||
24 | +++ b/lib/x509/ocsp.c | ||
25 | @@ -1318,6 +1318,7 @@ gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_t resp, | ||
26 | gnutls_assert(); | ||
27 | goto cleanup; | ||
28 | } | ||
29 | + cserial.size = t; | ||
30 | |||
31 | if (rserial.size != cserial.size | ||
32 | || memcmp(cserial.data, rserial.data, rserial.size) != 0) { | ||
33 | -- | ||
34 | libgit2 0.24.0 | ||
35 | |||
diff --git a/meta/recipes-support/gnutls/gnutls_3.5.3.bb b/meta/recipes-support/gnutls/gnutls_3.5.3.bb index 8317eb413a..b2dbb07124 100644 --- a/meta/recipes-support/gnutls/gnutls_3.5.3.bb +++ b/meta/recipes-support/gnutls/gnutls_3.5.3.bb | |||
@@ -4,6 +4,7 @@ SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \ | |||
4 | file://0001-configure.ac-fix-sed-command.patch \ | 4 | file://0001-configure.ac-fix-sed-command.patch \ |
5 | file://use-pkg-config-to-locate-zlib.patch \ | 5 | file://use-pkg-config-to-locate-zlib.patch \ |
6 | file://0001-Use-correct-include-dir-with-minitasn.patch \ | 6 | file://0001-Use-correct-include-dir-with-minitasn.patch \ |
7 | file://CVE-2016-7444.patch \ | ||
7 | " | 8 | " |
8 | SRC_URI[md5sum] = "6c2c7f40ddf52933ee3ca474cb8cb63c" | 9 | SRC_URI[md5sum] = "6c2c7f40ddf52933ee3ca474cb8cb63c" |
9 | SRC_URI[sha256sum] = "92c4bc999a10a1b95299ebefaeea8333f19d8a98d957a35b5eae74881bdb1fef" | 10 | SRC_URI[sha256sum] = "92c4bc999a10a1b95299ebefaeea8333f19d8a98d957a35b5eae74881bdb1fef" |