summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/gnutls
diff options
context:
space:
mode:
authorJussi Kukkonen <jussi.kukkonen@intel.com>2016-10-10 11:30:01 +0300
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-10-11 08:26:09 +0100
commitd7e97992befd3fa5c1c6616652a3aa723d08c531 (patch)
tree6aab186860e6f34fe6b6aa6b4cdc2395320fb823 /meta/recipes-support/gnutls
parent4a1c04c0d509b2cda9b2ccd5a80523c05fa279c6 (diff)
downloadopenembedded-core-d7e97992befd3fa5c1c6616652a3aa723d08c531.tar.gz
gnutls: Backport certificate check fix
Previously the OCSP certificate check wouldn't verify the serial length and could succeed in cases it shouldn't (CVE-2016-7444). Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/gnutls')
-rw-r--r--meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch35
-rw-r--r--meta/recipes-support/gnutls/gnutls_3.5.3.bb1
2 files changed, 36 insertions, 0 deletions
diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch b/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch
new file mode 100644
index 0000000000..215be5a8ec
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch
@@ -0,0 +1,35 @@
+CVE: CVE-2016-7444
+Upstream-Status: Backport
+Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
+
+Upstream commit follows:
+
+
+From 964632f37dfdfb914ebc5e49db4fa29af35b1de9 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
+Date: Sat, 27 Aug 2016 17:00:22 +0200
+Subject: [PATCH] ocsp: corrected the comparison of the serial size in OCSP response
+
+Previously the OCSP certificate check wouldn't verify the serial length
+and could succeed in cases it shouldn't.
+
+Reported by Stefan Buehler.
+---
+ lib/x509/ocsp.c | 1 +
+ 1 file changed, 1 insertion(+), 0 deletions(-)
+
+diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c
+index 92db9b6..8181f2e 100644
+--- a/lib/x509/ocsp.c
++++ b/lib/x509/ocsp.c
+@@ -1318,6 +1318,7 @@ gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_t resp,
+ gnutls_assert();
+ goto cleanup;
+ }
++ cserial.size = t;
+
+ if (rserial.size != cserial.size
+ || memcmp(cserial.data, rserial.data, rserial.size) != 0) {
+--
+libgit2 0.24.0
+
diff --git a/meta/recipes-support/gnutls/gnutls_3.5.3.bb b/meta/recipes-support/gnutls/gnutls_3.5.3.bb
index 8317eb413a..b2dbb07124 100644
--- a/meta/recipes-support/gnutls/gnutls_3.5.3.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.5.3.bb
@@ -4,6 +4,7 @@ SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
file://0001-configure.ac-fix-sed-command.patch \
file://use-pkg-config-to-locate-zlib.patch \
file://0001-Use-correct-include-dir-with-minitasn.patch \
+ file://CVE-2016-7444.patch \
"
SRC_URI[md5sum] = "6c2c7f40ddf52933ee3ca474cb8cb63c"
SRC_URI[sha256sum] = "92c4bc999a10a1b95299ebefaeea8333f19d8a98d957a35b5eae74881bdb1fef"