OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Thomas Lotterer
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src openpkg-web          Date:   30-Sep-2003 14:44:31
  Branch: HEAD                             Handle: 2003093013442902

  Modified files:
    openpkg-src/openssl     openssl.patch openssl.spec
    openpkg-web             news.txt

  Log:
    SA-2003.044-openssl; CAN-2003-0543, CAN-2003-0544, CAN-2003-0545

  Summary:
    Revision    Changes     Path
    1.12        +66 -0      openpkg-src/openssl/openssl.patch
    1.47        +1  -1      openpkg-src/openssl/openssl.spec
    1.6790      +1  -0      openpkg-web/news.txt
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/openssl/openssl.patch
  ============================================================================
  $ cvs diff -u -r1.11 -r1.12 openssl.patch
  --- openpkg-src/openssl/openssl.patch 6 Aug 2003 08:52:45 -0000       1.11
  +++ openpkg-src/openssl/openssl.patch 30 Sep 2003 12:44:31 -0000      1.12
  @@ -9,3 +9,69 @@
                {
                next loop if (($p%$primes[$i]) == 0);
                }
  +
  +-----------------------------------------------------------------------------
  +
  +Security Bugfixes
  +OpenPKG-SA-2003.044-openssl
  +http://www.openssl.org/news/secadv_20030930.txt
  +CAN-2003-0543, CAN-2003-0544, CAN-2003-0545
  +
  +--- crypto/asn1/asn1_lib.c   Sun Sep 28 14:20:55 2003
  ++++ crypto/asn1/asn1_lib.c   Fri Sep 26 13:51:38 2003
  +@@ -104,10 +104,12 @@
  +                     l<<=7L;
  +                     l|= *(p++)&0x7f;
  +                     if (--max == 0) goto err;
  ++                    if (l > (INT_MAX >> 7L)) goto err;
  +                     }
  +             l<<=7L;
  +             l|= *(p++)&0x7f;
  +             tag=(int)l;
  ++            if (--max == 0) goto err;
  +             }
  +     else
  +             { 
  +--- crypto/asn1/tasn_dec.c   Sun Sep 28 14:20:55 2003
  ++++ crypto/asn1/tasn_dec.c   Fri Sep 26 13:51:38 2003
  +@@ -691,6 +691,7 @@
  + 
  + int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char 
*free_cont, const ASN1_ITEM *it)
  + {
  ++    ASN1_VALUE **opval = NULL;
  +     ASN1_STRING *stmp;
  +     ASN1_TYPE *typ = NULL;
  +     int ret = 0;
  +@@ -705,6 +706,7 @@
  +                     *pval = (ASN1_VALUE *)typ;
  +             } else typ = (ASN1_TYPE *)*pval;
  +             if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL);
  ++            opval = pval;
  +             pval = (ASN1_VALUE **)&typ->value.ptr;
  +     }
  +     switch(utype) {
  +@@ -796,7 +798,12 @@
  + 
  +     ret = 1;
  +     err:
  +-    if(!ret) ASN1_TYPE_free(typ);
  ++    if(!ret)
  ++            {
  ++            ASN1_TYPE_free(typ);
  ++            if (opval)
  ++                    *opval = NULL;
  ++            }
  +     return ret;
  + }
  + 
  +--- crypto/x509/x509_vfy.c   Sun Sep 28 14:20:55 2003
  ++++ crypto/x509/x509_vfy.c   Fri Sep 26 13:51:38 2003
  +@@ -674,7 +674,7 @@
  +                             ok=(*cb)(0,ctx);
  +                             if (!ok) goto end;
  +                             }
  +-                    if (X509_verify(xs,pkey) <= 0)
  ++                    else if (X509_verify(xs,pkey) <= 0)
  +                             /* XXX  For the final trusted self-signed cert,
  +                              * this is a waste of time.  That check should
  +                              * optional so that e.g. 'openssl x509' can be
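Review bot: In the embedded x509_vfy.c hunk, changing `if (X509_verify(xs,pkey) <= 0)` to `else if` means the signature on `xs` is not checked at all when the preceding branch runs and the callback returns non-zero. That branch's condition lies outside the hunk, but it looks like the path where the issuer public key could not be obtained. Skipping the call is safer than handing X509_verify an unusable key, but acceptance then rests entirely on the application's verify callback, so the patch should carry a comment such as `/* no usable issuer key: callback decided, signature NOT verified */`. Separately, the asn1_lib.c hunk uses `INT_MAX` and no hunk here adds `#include <limits.h>`, so confirm that 0.9.7b's asn1_lib.c already gets it from an existing header. The patch header also lists three CAN ids without saying which embedded hunk addresses which; a one-line mapping would help later audits.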
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/openssl/openssl.spec
  ============================================================================
  $ cvs diff -u -r1.46 -r1.47 openssl.spec
  --- openpkg-src/openssl/openssl.spec  6 Aug 2003 08:52:45 -0000       1.46
  +++ openpkg-src/openssl/openssl.spec  30 Sep 2003 12:44:31 -0000      1.47
  @@ -33,7 +33,7 @@
   Group:        Cryptography
   License:      BSD-style
   Version:      0.9.7b
  -Release:      20030806
  +Release:      20030930
   
   #   package options
   %option       with_zlib     no
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-web/news.txt
  ============================================================================
  $ cvs diff -u -r1.6789 -r1.6790 news.txt
  --- openpkg-web/news.txt      29 Sep 2003 19:09:19 -0000      1.6789
  +++ openpkg-web/news.txt      30 Sep 2003 12:44:29 -0000      1.6790
  @@ -1,3 +1,4 @@
  +30-Sep-2003: Upgraded package: P<openssl-0.9.7b-20030930>
   29-Sep-2003: New package: P<vile-9.4-20030929>
   29-Sep-2003: Upgraded package: P<aegis-4.12-20030929>
   29-Sep-2003: Upgraded package: P<perl-xml-20030929-20030929>
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]
