nss-3.15.1: fix CVE-2013-5605

Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5605 (From OE-Core rev: 09e8cd6f09284ad3faf0bc05d623a43e2b174866) Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: yanjun.zhu <yanjun.zhu@windriver.com> 2014-03-28 17:43:38 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2014-03-30 10:10:32 +0100
commit: 6196e18bfee5b36417d795ea826a1086d27cbce3 (patch)
tree: 297f4f0f1568c4e6329eaa5bf1b0605a99d4050f
parent: 6a3cadea0ce3f26306389f19121876378cf8925b (diff)
download: poky-6196e18bfee5b36417d795ea826a1086d27cbce3.tar.gz
2 files changed, 19 insertions, 0 deletions
diff --git a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch b/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch
new file mode 100644
index 0000000000..7203d02c78
--- /dev/null
+++ b/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch
@@ -0,0 +1,18 @@
+signed-off-by: Ryan Sleevi <ryan.sleevi@gmail.com>
+Upstream-Status: Backport
+reference:https://hg.mozilla.org/projects/nss/rev/e79a09364b5e
+--- a/nss/lib/ssl/ssl3con.c
+++ b/nss/lib/ssl/ssl3con.c
+@@ -781,6 +781,11 @@ static SECStatus
+ Null_Cipher(void *ctx, unsigned char *output, int *outputLen, int maxOutputLen,
+            const unsigned char *input, int inputLen)
+ {
+    if (inputLen > maxOutputLen) {
+        *outputLen = 0;  /* Match PK11_CipherOp in setting outputLen */
+        PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+        return SECFailure;
+    }
+     *outputLen = inputLen;
+     if (input != output)
+        PORT_Memcpy(output, input, inputLen);
diff --git a/meta/recipes-support/nss/nss.inc b/meta/recipes-support/nss/nss.inc
index 6364562a13..404deccd8a 100644
--- a/meta/recipes-support/nss/nss.inc
+++ b/meta/recipes-support/nss/nss.inc
@@ -17,6 +17,7 @@ SRC_URI = "\
    file://nss-no-rpath-for-cross-compiling.patch \
    file://nss-fix-incorrect-shebang-of-perl.patch \
    file://nss-3.15.1-fix-CVE-2013-1741.patch \
+    file://nss-3.15.1-fix-CVE-2013-5605.patch \
 "
 SRC_URI_append_class-target = "\
    file://nss.pc.in \
author	yanjun.zhu <yanjun.zhu@windriver.com>	2014-03-28 17:43:38 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-03-30 10:10:32 +0100
commit	6196e18bfee5b36417d795ea826a1086d27cbce3 (patch)
tree	297f4f0f1568c4e6329eaa5bf1b0605a99d4050f
parent	6a3cadea0ce3f26306389f19121876378cf8925b (diff)
download	poky-6196e18bfee5b36417d795ea826a1086d27cbce3.tar.gz

diff --git a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch b/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch new file mode 100644 index 0000000000..7203d02c78 --- /dev/null +++ b/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch
@@ -0,0 +1,18 @@
		1	signed-off-by: Ryan Sleevi <ryan.sleevi@gmail.com>
		2	Upstream-Status: Backport
		3	reference:https://hg.mozilla.org/projects/nss/rev/e79a09364b5e
		4
		5	--- a/nss/lib/ssl/ssl3con.c
		6	+++ b/nss/lib/ssl/ssl3con.c
		7	@@ -781,6 +781,11 @@ static SECStatus
		8	Null_Cipher(void ctx, unsigned char output, int *outputLen, int maxOutputLen,
		9	const unsigned char *input, int inputLen)
		10	{
		11	+ if (inputLen > maxOutputLen) {
		12	+ outputLen = 0; / Match PK11_CipherOp in setting outputLen */
		13	+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
		14	+ return SECFailure;
		15	+ }
		16	*outputLen = inputLen;
		17	if (input != output)
		18	PORT_Memcpy(output, input, inputLen);


diff --git a/meta/recipes-support/nss/nss.inc b/meta/recipes-support/nss/nss.inc index 6364562a13..404deccd8a 100644 --- a/meta/recipes-support/nss/nss.inc +++ b/meta/recipes-support/nss/nss.inc
@@ -17,6 +17,7 @@ SRC_URI = "\
17	file://nss-no-rpath-for-cross-compiling.patch \	17	file://nss-no-rpath-for-cross-compiling.patch \
18	file://nss-fix-incorrect-shebang-of-perl.patch \	18	file://nss-fix-incorrect-shebang-of-perl.patch \
19	file://nss-3.15.1-fix-CVE-2013-1741.patch \	19	file://nss-3.15.1-fix-CVE-2013-1741.patch \
		20	file://nss-3.15.1-fix-CVE-2013-5605.patch \
20	"	21	"
21	SRC_URI_append_class-target = "\	22	SRC_URI_append_class-target = "\
22	file://nss.pc.in \	23	file://nss.pc.in \