diff options
author | Gustavo Zacarias <gustavo@zacarias.com.ar> | 2015-01-26 17:29:17 -0300 |
---|---|---|
committer | Peter Korsgaard <peter@korsgaard.com> | 2015-01-26 23:13:44 +0100 |
commit | d663af559e3c66603fb8cb3a0b029c40d29bc57a (patch) | |
tree | d2f4488df4c78adb08f2a284dcd3838f347ec36b | |
parent | 349c9c7fac4bf8cd7d781e8aab6edc47b7ceb7c2 (diff) |
polarssl: add fix for CVE-2015-1182
Fixes CVE-2015-1182 - Remote attack using crafted certificates.
Also rename patches to new naming convention.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-rw-r--r-- | package/polarssl/0001-no-test-suite.patch (renamed from package/polarssl/polarssl-0001-no-test-suite.patch) | 0 | ||||
-rw-r--r-- | package/polarssl/0002-cmake-use-the-standard-CMake-flag-to-drive-the-share.patch (renamed from package/polarssl/polarssl-0002-cmake-use-the-standard-CMake-flag-to-drive-the-share.patch) | 0 | ||||
-rw-r--r-- | package/polarssl/0003-fix-CVE-2015-1182.patch | 19 |
3 files changed, 19 insertions, 0 deletions
diff --git a/package/polarssl/polarssl-0001-no-test-suite.patch b/package/polarssl/0001-no-test-suite.patch index 4c8552a94..4c8552a94 100644 --- a/package/polarssl/polarssl-0001-no-test-suite.patch +++ b/package/polarssl/0001-no-test-suite.patch diff --git a/package/polarssl/polarssl-0002-cmake-use-the-standard-CMake-flag-to-drive-the-share.patch b/package/polarssl/0002-cmake-use-the-standard-CMake-flag-to-drive-the-share.patch index d241ae264..d241ae264 100644 --- a/package/polarssl/polarssl-0002-cmake-use-the-standard-CMake-flag-to-drive-the-share.patch +++ b/package/polarssl/0002-cmake-use-the-standard-CMake-flag-to-drive-the-share.patch diff --git a/package/polarssl/0003-fix-CVE-2015-1182.patch b/package/polarssl/0003-fix-CVE-2015-1182.patch new file mode 100644 index 000000000..9309c9d28 --- /dev/null +++ b/package/polarssl/0003-fix-CVE-2015-1182.patch @@ -0,0 +1,19 @@ +Fix CVE-2015-1182 - Remote attack using crafted certificates. +Patch status: from upstream see: +https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 + +Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> + +diff --git a/library/asn1parse.c b/library/asn1parse.c +index a3a2b56..e2117bf 100644 +--- a/library/asn1parse.c ++++ b/library/asn1parse.c +@@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char **p, + if( cur->next == NULL ) + return( POLARSSL_ERR_ASN1_MALLOC_FAILED ); + ++ memset( cur->next, 0, sizeof( asn1_sequence ) ); ++ + cur = cur->next; + } + } |