-rw-r--r--meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch35
-rw-r--r--meta/recipes-support/gnutls/gnutls_3.5.3.bb1
2 files changed, 36 insertions, 0 deletions
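--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch
@@ -0,0 +1,35 @@
+CVE: CVE-2016-7444
+Upstream-Status: Backport
+Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
+
+Upstream commit follows:
+
+
+From 964632f37dfdfb914ebc5e49db4fa29af35b1de9 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
+Date: Sat, 27 Aug 2016 17:00:22 +0200
+Subject: [PATCH] ocsp: corrected the comparison of the serial size in OCSP response
+
+Previously the OCSP certificate check wouldn't verify the serial length
+and could succeed in cases it shouldn't.
+
+Reported by Stefan Buehler.
+---
+ lib/x509/ocsp.c | 1 +
+ 1 file changed, 1 insertion(+), 0 deletions(-)
+
+diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c
+index 92db9b6..8181f2e 100644
+--- a/lib/x509/ocsp.c
++++ b/lib/x509/ocsp.c
+@@ -1318,6 +1318,7 @@ gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_t resp,
+ gnutls_assert();
+ goto cleanup;
+ }
++ cserial.size = t;
+
+ if (rserial.size != cserial.size
+ || memcmp(cserial.data, rserial.data, rserial.size) != 0) {
+--
+libgit2 0.24.0
+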
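Review bot: The `Upstream-Status: Backport` line at the top of the new patch file gives no reference to where the fix was taken from, so a later recipe upgrade cannot easily tell which gnutls release already carries it; the upstream hash appears only further down in the embedded `From 964632f37dfdfb914ebc5e49db4fa29af35b1de9` line. I would write it as `Upstream-Status: Backport [<UPSTREAM-COMMIT-URL placeholder>]`, or at least repeat the commit hash on that line, so the CVE tag, the status and the origin sit together where tooling and reviewers look for them. The one-line change inside the embedded hunk, `cserial.size = t;`, presumably makes the length comparison on the following line use the actual serial length written by the call just above the hunk; that call and the rest of `gnutls_ocsp_resp_check_crt` lie outside the hunk, so this cannot be confirmed from the view here.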
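--- a/meta/recipes-support/gnutls/gnutls_3.5.3.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.5.3.bb
@@ -4,6 +4,7 @@ SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
  file://0001-configure.ac-fix-sed-command.patch \
  file://use-pkg-config-to-locate-zlib.patch \
  file://0001-Use-correct-include-dir-with-minitasn.patch \
+ file://CVE-2016-7444.patch \
  "
 SRC_URI[md5sum] = "6c2c7f40ddf52933ee3ca474cb8cb63c"
 SRC_URI[sha256sum] = "92c4bc999a10a1b95299ebefaeea8333f19d8a98d957a35b5eae74881bdb1fef"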