/[smeserver]/rpms/openssl/sme8/openssl-fips-0.9.8e-cve-2012-2333.patch
ViewVC logotype

Annotation of /rpms/openssl/sme8/openssl-fips-0.9.8e-cve-2012-2333.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Tue Feb 18 03:03:09 2014 UTC (10 years, 9 months ago) by wellsi
Branch: MAIN
CVS Tags: openssl-0_9_8e-28_el5_sme, openssl-0_9_8e-33_1_el5_sme, openssl-0_9_8e-32_1_el5_sme, openssl-0_9_8e-27_1_el5_sme, openssl-0_9_8e-27_el5_10_1, openssl-0_9_8e-31_1_el5_sme, HEAD
Branch point for: upstream
Initial import

1 wellsi 1.1 Sanity check record length before skipping explicit IV in DTLS
2     to fix DoS attack.
3     Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
4     fuzzing as a service testing platform.
5     (CVE-2012-2333)
6     diff -up openssl-fips-0.9.8e/ssl/d1_enc.c.reclen openssl-fips-0.9.8e/ssl/d1_enc.c
7     --- openssl-fips-0.9.8e/ssl/d1_enc.c.reclen 2006-02-08 20:16:32.000000000 +0100
8     +++ openssl-fips-0.9.8e/ssl/d1_enc.c 2012-05-15 12:14:25.510013029 +0200
9     @@ -252,7 +252,7 @@ int dtls1_enc(SSL *s, int send)
10     }
11     /* TLS 1.0 does not bound the number of padding bytes by the block size.
12     * All of them must have value 'padding_length'. */
13     - if (i > (int)rec->length)
14     + if (i + bs > (int)rec->length)
15     {
16     /* Incorrect padding. SSLerr() and ssl3_alert are done
17     * by caller: we don't want to reveal whether this is

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed