Muehlenhoff has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/320789

Change subject: Update to 1.1.0c and drop merged fix-read-ahead.patch
......................................................................

Update to 1.1.0c and drop merged fix-read-ahead.patch

Change-Id: Iff74c299e35ef36b3727e4b5f9961053f18a5d77
---
M debian/changelog
D debian/patches/fix-read-ahead.patch
M debian/patches/series
3 files changed, 10 insertions(+), 71 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/debs/openssl11 refs/changes/89/320789/1

diff --git a/debian/changelog b/debian/changelog
index 21a23af..603c1b6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+openssl (1.1.0c-1+wmf1) jessie-wikimedia; urgency=medium
+
+  * New upstream release
+    - Fix CVE-2016-7054
+    - Fix CVE-2016-7053
+    - Fix CVE-2016-7055
+  * Drop fix-read-ahead.patch, merged in 1.1.0c
+
+ -- Moritz Muehlenhoff <mmuhlenh...@wikimedia.org>  Thu, 10 Nov 2016 16:42:36 
+0100
+
 openssl (1.1.0b-1+wmf2) jessie-wikimedia; urgency=medium
 
   * Cherrypick 0f6c9d73cb1e1027c67d993a669719e351c25cfc from the
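Review bot: The trailer of the new entry appears split, with `+0100` on its own line after `Thu, 10 Nov 2016 16:42:36`; if that wrap is in the file rather than only in the mail rendering, dpkg-parsechangelog will reject the entry, so confirm the ` -- Moritz Muehlenhoff ... +0100` line is a single line. The three `Fix CVE-2016-...` bullets would also be easier to audit later with a few words on what each fix covers, in the style of the `Cherrypick ...` bullet of the 1.1.0b-1+wmf2 entry below.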
diff --git a/debian/patches/fix-read-ahead.patch b/debian/patches/fix-read-ahead.patch
deleted file mode 100644
index 436bd0a..0000000
--- a/debian/patches/fix-read-ahead.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-From 0f6c9d73cb1e1027c67d993a669719e351c25cfc Mon Sep 17 00:00:00 2001
-From: Matt Caswell <m...@openssl.org>
-Date: Wed, 2 Nov 2016 10:34:12 +0000
-Subject: [PATCH] Fix read_ahead
-
-The function ssl3_read_n() takes a parameter |clearold| which, if set,
-causes any old data in the read buffer to be forgotten, and any unread data
-to be moved to the start of the buffer. This is supposed to happen when we
-first read the record header.
-
-However, the data move was only taking place if there was not already
-sufficient data in the buffer to satisfy the request. If read_ahead is set
-then the record header could be in the buffer already from when we read the
-preceding record. So with read_ahead we can get into a situation where even
-though |clearold| is set, the data does not get moved to the start of the
-read buffer when we read the record header. This means there is insufficient
-room in the read buffer to consume the rest of the record body, resulting in
-an internal error.
-
-This commit moves the |clearold| processing to earlier in ssl3_read_n()
-to ensure that it always takes place.
-
-Reviewed-by: Richard Levitte <levi...@openssl.org>
-(cherry picked from commit a7faa6da317887e14e8e28254a83555983ed6ca7)
----
- ssl/record/rec_layer_s3.c | 24 ++++++++++++------------
- 1 file changed, 12 insertions(+), 12 deletions(-)
-
-diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
-index 9c8c23c..4535f89 100644
---- a/ssl/record/rec_layer_s3.c
-+++ b/ssl/record/rec_layer_s3.c
-@@ -241,6 +241,18 @@ int ssl3_read_n(SSL *s, int n, int max, int extend, int 
clearold)
-         /* ... now we can act as if 'extend' was set */
-     }
- 
-+    len = s->rlayer.packet_length;
-+    pkt = rb->buf + align;
-+    /*
-+     * Move any available bytes to front of buffer: 'len' bytes already
-+     * pointed to by 'packet', 'left' extra ones at the end
-+     */
-+    if (s->rlayer.packet != pkt && clearold == 1) {
-+        memmove(pkt, s->rlayer.packet, len + left);
-+        s->rlayer.packet = pkt;
-+        rb->offset = len + align;
-+    }
-+
-     /*
-      * For DTLS/UDP reads should not span multiple packets because the read
-      * operation returns the whole packet at once (as long as it fits into
-@@ -263,18 +275,6 @@ int ssl3_read_n(SSL *s, int n, int max, int extend, int 
clearold)
- 
-     /* else we need to read more data */
- 
--    len = s->rlayer.packet_length;
--    pkt = rb->buf + align;
--    /*
--     * Move any available bytes to front of buffer: 'len' bytes already
--     * pointed to by 'packet', 'left' extra ones at the end
--     */
--    if (s->rlayer.packet != pkt && clearold == 1) { /* len > 0 */
--        memmove(pkt, s->rlayer.packet, len + left);
--        s->rlayer.packet = pkt;
--        rb->offset = len + align;
--    }
--
-     if (n > (int)(rb->len - rb->offset)) { /* does not happen */
-         SSLerr(SSL_F_SSL3_READ_N, ERR_R_INTERNAL_ERROR);
-         return -1;
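Review bot: Dropping the patch is correct only if 1.1.0c really carries upstream 0f6c9d73cb1e1027c67d993a669719e351c25cfc (cherry-picked from a7faa6da317887e14e8e28254a83555983ed6ca7), which the changelog asserts but nothing in this change verifies; since quilt will no longer enforce it, check in the unpacked 1.1.0c source that in ssl/record/rec_layer_s3.c the `clearold` block (`len = s->rlayer.packet_length;` through `memmove(pkt, s->rlayer.packet, len + left);`) now sits before the `For DTLS/UDP reads should not span multiple packets` comment in ssl3_read_n() and no longer after the `else we need to read more data` comment. Otherwise the read_ahead internal error this patch fixed would quietly return with the upstream bump.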
diff --git a/debian/patches/series b/debian/patches/series
index 145ae81..5b5a83d 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -5,4 +5,3 @@
 pic.patch
 c_rehash-compat.patch
 #padlock_conf.patch
-fix-read-ahead.patch
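Review bot: Consistent with the deletion of debian/patches/fix-read-ahead.patch above; nothing else in series needs to change.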

-- 
To view, visit https://gerrit.wikimedia.org/r/320789

Gerrit-MessageType: newchange
Gerrit-Change-Id: Iff74c299e35ef36b3727e4b5f9961053f18a5d77
Gerrit-PatchSet: 1
Gerrit-Project: operations/debs/openssl11
Gerrit-Branch: master
Gerrit-Owner: Muehlenhoff <mmuhlenh...@wikimedia.org>
