- fix CVE-2010-0740

Tomáš Mráz 2010-03-25 12:20:03 +00:00
parent 578744ba64
commit 5a41641361
4 changed files with 6 additions and 19 deletions


@ -1 +1 @@
openssl-0.9.8m-usa.tar.bz2
openssl-0.9.8n-usa.tar.bz2


@ -1,13 +0,0 @@
diff -up openssl-0.9.8m/ssl/kssl.c.krbdos openssl-0.9.8m/ssl/kssl.c
--- openssl-0.9.8m/ssl/kssl.c.krbdos 2009-04-16 18:43:18.000000000 +0200
+++ openssl-0.9.8m/ssl/kssl.c 2010-03-22 20:57:06.000000000 +0100
@@ -1802,6 +1802,9 @@ kssl_ctx_show(KSSL_CTX *kssl_ctx)
kssl_ctx->service_name ? kssl_ctx->service_name: KRB5SVC,
KRB5_NT_SRV_HST, &princ);
+ if (krb5rc)
+ goto exit;
+
krb5rc = krb5_kt_get_entry(krb5context, krb5keytab,
princ,
0 /* IGNORE_VNO */,


@ -22,7 +22,7 @@
Summary: A general purpose cryptography library with TLS implementation
Name: openssl
Version: 0.9.8m
Version: 0.9.8n
Release: 1%{?dist}
# We remove certain patented algorithms from the openssl source tarball
# with the hobble-openssl script which is included below.
@ -64,7 +64,6 @@ Patch49: openssl-0.9.8j-fips-no-pairwise.patch
Patch50: openssl-0.9.8j-fips-rng-seed.patch
Patch51: openssl-0.9.8m-multi-crl.patch
# Backported fixes including security fixes
Patch60: openssl-0.9.8m-cve-2010-0433.patch
License: OpenSSL
Group: System Environment/Libraries
@ -148,8 +147,6 @@ from other formats to the formats used by the OpenSSL toolkit.
%patch50 -p1 -b .rng-seed
%patch51 -p1 -b .multi-crl
%patch60 -p1 -b .krbdos
# Modify the various perl scripts to reference perl in the right location.
perl util/perlpath.pl `dirname %{__perl}`
@ -407,6 +404,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
%postun -p /sbin/ldconfig
%changelog
* Thu Mar 25 2010 Tomas Mraz <tmraz@redhat.com> 0.9.8n-1
- fix CVE-2010-0740
* Mon Mar 22 2010 Tomas Mraz <tmraz@redhat.com> 0.9.8m-1
- fix CVE-2009-3245 CVE-2009-3555 CVE-2009-4355 CVE-2010-0433
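Review bot: The new %changelog entry records only `- fix CVE-2010-0740`, yet this section also drops `Patch60: openssl-0.9.8m-cve-2010-0433.patch` and its `%patch60 -p1 -b .krbdos` application, so the CVE-2010-0433 backport leaves the build without any record. Presumably 0.9.8n already carries the `krb5rc` check in `kssl_ctx_show`; that should be confirmed against the new tarball and stated in the entry, for example `- drop CVE-2010-0433 patch, included in the new upstream release`. Without that line, anyone auditing the package history for CVE-2010-0433 sees the fix added on Mar 22 and removed three days later with no explanation. The `# Backported fixes including security fixes` comment is also left with no patch beneath it, which is acceptable as a placeholder but worth a deliberate decision.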


@ -1 +1 @@
a7761134f44b26b7a31c70047ba0f646 openssl-0.9.8m-usa.tar.bz2
b0d6a7c9e128cc2aa8481d57ed25333f openssl-0.9.8n-usa.tar.bz2