From a2b5a99f6ae6986bde1e0fde34a4a832b04e4d0c Mon Sep 17 00:00:00 2001
From: CentOS Sources
Date: Dec 14 2015 04:14:53 +0000
Subject: import openssl-1.0.1e-51.el7_2.1
---
diff --git a/SOURCES/openssl-1.0.1e-cve-2015-3194.patch b/SOURCES/openssl-1.0.1e-cve-2015-3194.patch
new file mode 100644
index 0000000..58b52f2
--- /dev/null
+++ b/SOURCES/openssl-1.0.1e-cve-2015-3194.patch
@@ -0,0 +1,12 @@
+diff -up openssl-1.0.1e/crypto/rsa/rsa_ameth.c.pss-check openssl-1.0.1e/crypto/rsa/rsa_ameth.c
+--- openssl-1.0.1e/crypto/rsa/rsa_ameth.c.pss-check 2013-02-11 16:26:04.000000000 +0100
++++ openssl-1.0.1e/crypto/rsa/rsa_ameth.c 2015-12-04 09:03:18.300660817 +0100
+@@ -287,7 +287,7 @@ static RSA_PSS_PARAMS *rsa_pss_decode(co
+ {
+ ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
+ if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) == NID_mgf1
+- && param->type == V_ASN1_SEQUENCE)
++ && param && param->type == V_ASN1_SEQUENCE)
+ {
+ p = param->value.sequence->data;
+ plen = param->value.sequence->length;
diff --git a/SOURCES/openssl-1.0.1e-cve-2015-3195.patch b/SOURCES/openssl-1.0.1e-cve-2015-3195.patch
new file mode 100644
index 0000000..80f196f
--- /dev/null
+++ b/SOURCES/openssl-1.0.1e-cve-2015-3195.patch
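Review bot: The added `param &&` test in `rsa_pss_decode` carries no comment, so nothing on the line says why a NULL `parameter` is legitimate input rather than an internal error. I would add above the condition `/* parameter is OPTIONAL and comes from the certificate being verified; it may be absent */`. When the test fails, the branch that sets `p` and `plen` is skipped, so presumably no mask hash is decoded; the callers are outside the hunk and should be confirmed to reject that case rather than continue. The function body starts and ends outside the hunk.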
@@ -0,0 +1,31 @@
+diff -up openssl-1.0.1e/crypto/asn1/tasn_dec.c.combine-leak openssl-1.0.1e/crypto/asn1/tasn_dec.c
+--- openssl-1.0.1e/crypto/asn1/tasn_dec.c.combine-leak 2015-12-04 09:01:53.000000000 +0100
++++ openssl-1.0.1e/crypto/asn1/tasn_dec.c 2015-12-04 09:09:30.629793475 +0100
+@@ -169,6 +169,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval,
+ int otag;
+ int ret = 0;
+ ASN1_VALUE **pchptr, *ptmpval;
++ int combine = aclass & ASN1_TFLG_COMBINE;
++ aclass &= ~ASN1_TFLG_COMBINE;
+ if (!pval)
+ return 0;
+ if (aux && aux->asn1_cb)
+@@ -539,7 +541,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval,
+ auxerr:
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
+ err:
+- ASN1_item_ex_free(pval, it);
++ if (combine == 0)
++ ASN1_item_ex_free(pval, it);
+ if (errtt)
+ ERR_add_error_data(4, "Field=", errtt->field_name,
+ ", Type=", it->sname);
+@@ -767,7 +770,7 @@ static int asn1_template_noexp_d2i(ASN1_
+ {
+ /* Nothing special */
+ ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
+- -1, 0, opt, ctx);
++ -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
+ if (!ret)
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
diff --git a/SOURCES/openssl-1.0.1e-cve-2015-3196.patch b/SOURCES/openssl-1.0.1e-cve-2015-3196.patch
new file mode 100644
index 0000000..19dc323
--- /dev/null
+++ b/SOURCES/openssl-1.0.1e-cve-2015-3196.patch
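Review bot: In `ASN1_item_ex_d2i` the `aclass` argument now carries `ASN1_TFLG_COMBINE` as well as the tag class, and neither the two added lines nor the `err:` change says so. I would add `/* aclass may carry ASN1_TFLG_COMBINE from the template; strip it before any tag check */` above `int combine = ...`, and `/* a combined item is presumably owned by the parent structure; do not free it here */` above `if (combine == 0)`. The masking relies on the flag bit never overlapping a valid tag-class value, which the hunk does not show and should be confirmed where the flag is defined. Only the `asn1_template_noexp_d2i` call in the third inner hunk is changed to pass the flag; any other caller that passes a literal class is outside the patch, and both function bodies start and end outside the hunks.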
@@ -0,0 +1,52 @@
+diff -up openssl-1.0.1e/ssl/s3_clnt.c.psk-identity openssl-1.0.1e/ssl/s3_clnt.c
+--- openssl-1.0.1e/ssl/s3_clnt.c.psk-identity 2015-12-04 09:01:53.000000000 +0100
++++ openssl-1.0.1e/ssl/s3_clnt.c 2015-12-04 09:36:24.182010426 +0100
+@@ -1367,8 +1367,6 @@ int ssl3_get_key_exchange(SSL *s)
+ #ifndef OPENSSL_NO_PSK
+ if (alg_k & SSL_kPSK)
+ {
+- char tmp_id_hint[PSK_MAX_IDENTITY_LEN+1];
+-
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ n2s(p,i);
+ param_len=i+2;
+@@ -1389,16 +1387,8 @@ int ssl3_get_key_exchange(SSL *s)
+ SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH);
+ goto f_err;
+ }
+- /* If received PSK identity hint contains NULL
+- * characters, the hint is truncated from the first
+- * NULL. p may not be ending with NULL, so create a
+- * NULL-terminated string. */
+- memcpy(tmp_id_hint, p, i);
+- memset(tmp_id_hint+i, 0, PSK_MAX_IDENTITY_LEN+1-i);
+- if (s->ctx->psk_identity_hint != NULL)
+- OPENSSL_free(s->ctx->psk_identity_hint);
+- s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint);
+- if (s->ctx->psk_identity_hint == NULL)
++ s->session->psk_identity_hint = BUF_strndup((char *)p, i);
++ if (s->session->psk_identity_hint == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto f_err;
+@@ -2904,7 +2894,7 @@ int ssl3_send_client_key_exchange(SSL *s
+ goto err;
+ }
+
+- psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,
++ psk_len = s->psk_client_callback(s, s->session->psk_identity_hint,
+ identity, PSK_MAX_IDENTITY_LEN,
+ psk_or_pre_ms, sizeof(psk_or_pre_ms));
+ if (psk_len > PSK_MAX_PSK_LEN)
+diff -up openssl-1.0.1e/ssl/s3_srvr.c.psk-identity openssl-1.0.1e/ssl/s3_srvr.c
+--- openssl-1.0.1e/ssl/s3_srvr.c.psk-identity 2015-12-04 09:01:53.000000000 +0100
++++ openssl-1.0.1e/ssl/s3_srvr.c 2015-12-04 09:43:45.144086868 +0100
+@@ -2751,7 +2751,7 @@ int ssl3_get_client_key_exchange(SSL *s)
+
+ if (s->session->psk_identity != NULL)
+ OPENSSL_free(s->session->psk_identity);
+- s->session->psk_identity = BUF_strdup((char *)p);
++ 
s->session->psk_identity = BUF_strndup((char *)p, i); + if (s->session->psk_identity == NULL) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, diff --git a/SPECS/openssl.spec b/SPECS/openssl.spec index d5ca112..47dd240 100644 --- a/SPECS/openssl.spec +++ b/SPECS/openssl.spec @@ -23,7 +23,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 1.0.1e -Release: 42%{?dist}.9 +Release: 51%{?dist}.1 Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -140,6 +140,9 @@ Patch131: openssl-1.0.1e-cve-2015-1789.patch Patch132: openssl-1.0.1e-cve-2015-1790.patch Patch133: openssl-1.0.1e-cve-2015-1791.patch Patch134: openssl-1.0.1e-cve-2015-1792.patch +Patch135: openssl-1.0.1e-cve-2015-3194.patch +Patch136: openssl-1.0.1e-cve-2015-3195.patch +Patch137: openssl-1.0.1e-cve-2015-3196.patch License: OpenSSL Group: System Environment/Libraries @@ -310,6 +313,9 @@ cp %{SOURCE12} %{SOURCE13} crypto/ec/ %patch132 -p1 -b .missing-content %patch133 -p1 -b .ticket-race %patch134 -p1 -b .unknown-hash +%patch135 -p1 -b .pss-check +%patch136 -p1 -b .combine-leak +%patch137 -p1 -b .psk-identity sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h 
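Review bot: The new assignment to `s->session->psk_identity_hint` in `ssl3_get_key_exchange` no longer releases a previous value, whereas the removed code freed `s->ctx->psk_identity_hint` first and the `s3_srvr.c` hunk still frees `s->session->psk_identity` before its own assignment. If the session field can already be set when this message is processed (not visible in the hunk), the old buffer leaks; I would put `if (s->session->psk_identity_hint != NULL) OPENSSL_free(s->session->psk_identity_hint);` ahead of the `BUF_strndup` call. The removed comment about truncation at an embedded NUL is also gone; since the hint is received from the peer, a one-line comment stating how `BUF_strndup` treats such input would help the next reader. Both functions continue outside the hunks.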
@@ -576,34 +582,41 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* %postun libs -p /sbin/ldconfig %changelog -* Tue Jun 23 2015 Tomáš Mráz 1.0.1e-42.9 +* Fri Dec 4 2015 Tomáš Mráz 1.0.1e-51.1 +- fix CVE-2015-3194 - certificate verify crash with missing PSS parameter +- fix CVE-2015-3195 - X509_ATTRIBUTE memory leak +- fix CVE-2015-3196 - race condition when handling PSK identity hint + +* Tue Jun 23 2015 Tomáš Mráz 1.0.1e-51 - fix the CVE-2015-1791 fix (broken server side renegotiation) -* Thu Jun 11 2015 Tomáš Mráz 1.0.1e-42.8 +* Thu Jun 11 2015 Tomáš Mráz 1.0.1e-50 - improved fix for CVE-2015-1791 - add missing parts of CVE-2015-0209 fix for corectness although unexploitable -* Tue Jun 9 2015 Tomáš Mráz 1.0.1e-42.7 +* Tue Jun 9 2015 Tomáš Mráz 1.0.1e-49 - fix CVE-2014-8176 - invalid free in DTLS buffering code - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent - fix CVE-2015-1791 - race condition handling NewSessionTicket - fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function + +* Wed Jun 3 2015 Tomáš Mráz 1.0.1e-48 - fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on read in multithreaded applications -* Mon May 25 2015 Tomáš Mráz 1.0.1e-42.6 +* Mon May 25 2015 Tomáš Mráz 1.0.1e-47 - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits (limit will be increased in future) -* Thu Mar 26 2015 Tomáš Mráz 1.0.1e-42.5 +* Wed Mar 25 2015 Tomáš Mráz 1.0.1e-46 - drop the AES-GCM restriction of 2^32 operations because the IV is always 96 bits (32 bit fixed field + 64 bit invocation field) -* Thu Mar 19 2015 Tomáš Mráz 1.0.1e-42.4 +* Thu Mar 19 2015 Tomáš Mráz 1.0.1e-45 - update fix for CVE-2015-0287 to what was released upstream -* Wed Mar 18 2015 Tomáš Mráz 1.0.1e-42.3 +* Wed Mar 18 2015 Tomáš Mráz 1.0.1e-44 - fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey() - fix CVE-2015-0286 - 
improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption @@ -612,7 +625,7 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* - fix CVE-2015-0292 - integer underflow in base64 decoder - fix CVE-2015-0293 - triggerable assert in SSLv2 server -* Mon Mar 16 2015 Tomáš Mráz 1.0.1e-42.2 +* Mon Mar 16 2015 Tomáš Mráz 1.0.1e-43 - fix broken error detection when unwrapping unpadded key * Mon Mar 2 2015 Tomáš Mráz 1.0.1e-42.1