OpenPKG CVS Repository http://cvs.openpkg.org/ ____________________________________________________________________________
Server: cvs.openpkg.org Name: Thomas Lotterer Root: /e/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src openpkg-web Date: 30-Sep-2003 14:44:31 Branch: HEAD Handle: 2003093013442902 Modified files: openpkg-src/openssl openssl.patch openssl.spec openpkg-web news.txt Log: SA-2003.044-openssl; CAN-2003-0543, CAN-2003-0544, CAN-2003-0545 Summary: Revision Changes Path 1.12 +66 -0 openpkg-src/openssl/openssl.patch 1.47 +1 -1 openpkg-src/openssl/openssl.spec 1.6790 +1 -0 openpkg-web/news.txt ____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/openssl/openssl.patch
============================================================================
$ cvs diff -u -r1.11 -r1.12 openssl.patch
--- openpkg-src/openssl/openssl.patch 6 Aug 2003 08:52:45 -0000 1.11
+++ openpkg-src/openssl/openssl.patch 30 Sep 2003 12:44:31 -0000 1.12
@@ -9,3 +9,69 @@
 {
 next loop if (($p%$primes[$i]) == 0);
 }
+
+-----------------------------------------------------------------------------
+
+Security Bugfixes
+OpenPKG-SA-2003.044-openssl
+http://www.openssl.org/news/secadv_20030930.txt
+CAN-2003-0543, CAN-2003-0544, CAN-2003-0545
+
+--- crypto/asn1/asn1_lib.c Sun Sep 28 14:20:55 2003
++++ crypto/asn1/asn1_lib.c Fri Sep 26 13:51:38 2003
+@@ -104,10 +104,12 @@
+ l<<=7L;
+ l|= *(p++)&0x7f;
+ if (--max == 0) goto err;
++ if (l > (INT_MAX >> 7L)) goto err;
+ }
+ l<<=7L;
+ l|= *(p++)&0x7f;
+ tag=(int)l;
++ if (--max == 0) goto err;
+ }
+ else
+ {
+--- crypto/asn1/tasn_dec.c Sun Sep 28 14:20:55 2003
++++ crypto/asn1/tasn_dec.c Fri Sep 26 13:51:38 2003
+@@ -691,6 +691,7 @@
+
+ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it)
+ {
++ ASN1_VALUE **opval = NULL;
+ ASN1_STRING *stmp;
+ ASN1_TYPE *typ = NULL;
+ int ret = 0;
+@@ -705,6 +706,7 @@
+ *pval = (ASN1_VALUE *)typ;
+ } else typ = (ASN1_TYPE *)*pval;
+ if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL);
++ opval = pval;
+ pval = (ASN1_VALUE **)&typ->value.ptr;
+ }
+ switch(utype) {
+@@ -796,7 +798,12 @@
+
+ ret = 1;
+ err:
+- if(!ret) ASN1_TYPE_free(typ);
++ if(!ret)
++ {
++ ASN1_TYPE_free(typ);
++ if (opval)
++ *opval = NULL;
++ }
+ return ret;
+ }
+
+--- crypto/x509/x509_vfy.c Sun Sep 28 14:20:55 2003
++++ crypto/x509/x509_vfy.c Fri Sep 26 13:51:38 2003
+@@ -674,7 +674,7 @@
+ ok=(*cb)(0,ctx);
+ if (!ok) goto end;
+ }
+- if (X509_verify(xs,pkey) <= 0)
++ else if (X509_verify(xs,pkey) <= 0)
+ /* XXX For the final trusted self-signed cert,
+ * this is a waste of time. That check should
+ * optional so that e.g. 'openssl x509' can be
@@ .
patch -p0 <<'@@ .'
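Review bot: The added guard `if (l > (INT_MAX >> 7L)) goto err;` in the crypto/asn1/asn1_lib.c part uses `INT_MAX`, but none of the embedded hunks adds `#include <limits.h>` to that file, so the patched source builds only if a header it already includes happens to define it; confirm this against the 0.9.7b tree or carry the include in the same patch. In the crypto/x509/x509_vfy.c part, the new `else if (X509_verify(xs,pkey) <= 0)` means that whenever the preceding `if` branch runs and the callback returns non-zero, the signature check is skipped entirely. The condition of that `if` is outside the hunk (presumably the public-key decode failure, where `pkey` is unusable), so the skip looks intended, but it deserves a comment such as `/* no usable public key: signature cannot be checked; callback accepted the error */` so that callers know an always-accepting verify callback now passes such certificates unchecked. The enclosing functions in all three files start and end outside the embedded hunks, so this is based only on the visible lines.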
Index: openpkg-src/openssl/openssl.spec
============================================================================
$ cvs diff -u -r1.46 -r1.47 openssl.spec
--- openpkg-src/openssl/openssl.spec 6 Aug 2003 08:52:45 -0000 1.46
+++ openpkg-src/openssl/openssl.spec 30 Sep 2003 12:44:31 -0000 1.47
@@ -33,7 +33,7 @@ Group: Cryptography License: BSD-style Version: 0.9.7b -Release: 20030806 +Release: 20030930 # package options %option with_zlib no
@@ .
patch -p0 <<'@@ .'
Index: openpkg-web/news.txt
============================================================================
$ cvs diff -u -r1.6789 -r1.6790 news.txt
--- openpkg-web/news.txt 29 Sep 2003 19:09:19 -0000 1.6789
+++ openpkg-web/news.txt 30 Sep 2003 12:44:29 -0000 1.6790
@@ -1,3 +1,4 @@
+30-Sep-2003: Upgraded package: P<openssl-0.9.7b-20030930>
 29-Sep-2003: New package: P<vile-9.4-20030929>
 29-Sep-2003: Upgraded package: P<aegis-4.12-20030929>
 29-Sep-2003: Upgraded package: P<perl-xml-20030929-20030929>
@@ .
______________________________________________________________________ The OpenPKG Project www.openpkg.org CVS Repository Commit List [EMAIL PROTECTED]