- fix for CVE-2009-2702
(Note: I haven't synced the whole thing from devel because it contains the temporary "drop KDE_IS_PRELINKED" workaround and because the only other change was the OpenSSL 1.x fix which isn't needed in F10/F11 anyway.)
This commit is contained in:
parent
1cee48288d
commit
6c47a767a1
|
@ -0,0 +1,62 @@
|
|||
diff -pruN kdelibs-3.5.4.orig/kio/kssl/kopenssl.cc kdelibs-3.5.4/kio/kssl/kopenssl.cc
|
||||
--- kdelibs-3.5.4.orig/kio/kssl/kopenssl.cc 2009-08-31 20:50:12.000000000 +0200
|
||||
+++ kdelibs-3.5.4/kio/kssl/kopenssl.cc 2009-08-31 21:46:47.000000000 +0200
|
||||
@@ -196,6 +196,7 @@ static int (*K_X509_NAME_add_entry_by_tx
|
||||
static X509_NAME *(*K_X509_NAME_new)() = 0L;
|
||||
static int (*K_X509_REQ_set_subject_name)(X509_REQ*,X509_NAME*) = 0L;
|
||||
static unsigned char *(*K_ASN1_STRING_data)(ASN1_STRING*) = 0L;
|
||||
+static int (*K_ASN1_STRING_length)(ASN1_STRING*) = 0L;
|
||||
static STACK_OF(SSL_CIPHER) *(*K_SSL_get_ciphers)(const SSL *ssl) = 0L;
|
||||
|
||||
#endif
|
||||
@@ -498,6 +499,7 @@ KConfig *cfg;
|
||||
K_X509_NAME_new = (X509_NAME *(*)()) _cryptoLib->symbol("X509_NAME_new");
|
||||
K_X509_REQ_set_subject_name = (int (*)(X509_REQ*,X509_NAME*)) _cryptoLib->symbol("X509_REQ_set_subject_name");
|
||||
K_ASN1_STRING_data = (unsigned char *(*)(ASN1_STRING*)) _cryptoLib->symbol("ASN1_STRING_data");
|
||||
+ K_ASN1_STRING_length = (int (*)(ASN1_STRING*)) _cryptoLib->symbol("ASN1_STRING_length");
|
||||
#endif
|
||||
}
|
||||
|
||||
@@ -1549,6 +1551,13 @@ unsigned char *KOpenSSLProxy::ASN1_STRIN
|
||||
return 0L;
|
||||
}
|
||||
|
||||
+
|
||||
+int KOpenSSLProxy::ASN1_STRING_length(ASN1_STRING *x) {
|
||||
+ if (K_ASN1_STRING_length) return (K_ASN1_STRING_length)(x);
|
||||
+ return 0L;
|
||||
+}
|
||||
+
|
||||
+
|
||||
STACK_OF(SSL_CIPHER) *KOpenSSLProxy::SSL_get_ciphers(const SSL* ssl) {
|
||||
if (K_SSL_get_ciphers) return (K_SSL_get_ciphers)(ssl);
|
||||
return 0L;
|
||||
diff -pruN kdelibs-3.5.4.orig/kio/kssl/kopenssl.h kdelibs-3.5.4/kio/kssl/kopenssl.h
|
||||
--- kdelibs-3.5.4.orig/kio/kssl/kopenssl.h 2006-07-22 10:16:39.000000000 +0200
|
||||
+++ kdelibs-3.5.4/kio/kssl/kopenssl.h 2009-08-31 21:46:47.000000000 +0200
|
||||
@@ -622,6 +622,11 @@ public:
|
||||
unsigned char *ASN1_STRING_data(ASN1_STRING *x);
|
||||
|
||||
/*
|
||||
+ * ASN1_STRING_length
|
||||
+ */
|
||||
+ int ASN1_STRING_length(ASN1_STRING *x);
|
||||
+
|
||||
+ /*
|
||||
*
|
||||
*/
|
||||
int OBJ_obj2nid(ASN1_OBJECT *o);
|
||||
diff -pruN kdelibs-3.5.4.orig/kio/kssl/ksslcertificate.cc kdelibs-3.5.4/kio/kssl/ksslcertificate.cc
|
||||
--- kdelibs-3.5.4.orig/kio/kssl/ksslcertificate.cc 2006-01-19 18:06:12.000000000 +0100
|
||||
+++ kdelibs-3.5.4/kio/kssl/ksslcertificate.cc 2009-08-31 21:54:38.000000000 +0200
|
||||
@@ -1099,7 +1099,9 @@ QStringList KSSLCertificate::subjAltName
|
||||
}
|
||||
|
||||
QString s = (const char *)d->kossl->ASN1_STRING_data(val->d.ia5);
|
||||
- if (!s.isEmpty()) {
|
||||
+ if (!s.isEmpty() &&
|
||||
+ /* skip subjectAltNames with embedded NULs */
|
||||
+ s.length() == d->kossl->ASN1_STRING_length(val->d.ia5)) {
|
||||
rc += s;
|
||||
}
|
||||
}
|
|
@ -36,7 +36,7 @@
|
|||
|
||||
Summary: K Desktop Environment 3 - Libraries
|
||||
Version: 3.5.10
|
||||
Release: 13%{?dist}
|
||||
Release: 13%{?dist}.1
|
||||
|
||||
%if 0%{?fedora} > 8
|
||||
Name: kdelibs3
|
||||
|
@ -108,6 +108,8 @@ Patch202: kdelibs-3.5.4-CVE-2009-1687.patch
|
|||
Patch203: kdelibs-3.5.4-CVE-2009-1690.patch
|
||||
# fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling
|
||||
Patch204: kdelibs-3.5.10-cve-2009-1698.patch
|
||||
# fix CVE-2009-2702 - ssl incorrect verification of SSL certificate with NUL in subjectAltName
|
||||
Patch205: kdelibs-3.5.10-CVE-2009-2702.patch
|
||||
|
||||
#{?arts:Requires: arts >= %{arts_ev}}
|
||||
#Requires: %{qt3} >= %{qt3_ev}
|
||||
|
@ -289,6 +291,7 @@ format for easy browsing
|
|||
%patch202 -p1 -b .cve-2009-1687
|
||||
%patch203 -p1 -b .cve-2009-1690
|
||||
%patch204 -p1 -b .cve-2009-1698
|
||||
%patch205 -p1 -b .cve-2009-2702
|
||||
|
||||
sed -i -e "s,^#define KDE_VERSION_STRING .*,#define KDE_VERSION_STRING \"%{version}-%{release} %{distname}\"," kdecore/kdeversion.h
|
||||
|
||||
|
@ -640,6 +643,9 @@ touch --no-create %{_datadir}/icons/crystalsvg 2> /dev/null || :
|
|||
|
||||
|
||||
%changelog
|
||||
* Sun Sep 06 2009 Kevin Kofler <Kevin@tigcc.ticalc.org> - 3.5.10-13.1
|
||||
- fix for CVE-2009-2702
|
||||
|
||||
* Sun Jul 26 2009 Kevin Kofler <Kevin@tigcc.ticalc.org> - 3.5.10-13
|
||||
- fix CVE-2009-2537 - select length DoS
|
||||
- fix CVE-2009-1725 - crash, possible ACE in numeric character references
|
||||
|
|
Loading…
Reference in New Issue