- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)

- fix CVE-2006-2940 - parasitic public keys DoS (#207274)
- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)
- fix CVE-2006-4343 - sslv2 client DoS (#206940)
Tomáš Mráz 2006-09-28 19:58:49 +00:00
parent ba40f6bb66
commit cd294fcd2a


@ -56,6 +56,10 @@ Patch53: openssl-0.9.8b-bn-threadsafety.patch
Patch54: openssl-0.9.8b-aes-cachecol.patch
Patch55: openssl-0.9.8b-pkcs7-leak.patch
Patch56: openssl-0.9.8b-cve-2006-4339.patch
Patch57: openssl-0.9.8b-cve-2006-2937.patch
Patch58: openssl-0.9.8b-cve-2006-2940.patch
Patch59: openssl-0.9.8b-cve-2006-3738.patch
Patch60: openssl-0.9.8b-cve-2006-4343.patch
License: BSDish
Group: System Environment/Libraries
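Review bot: the Patch57 to Patch60 lines carry no comment about where each patch comes from (upstream commit, vendor backport, or local change). A one-line comment above the group, or per patch, would tell whoever rebases past 0.9.8b which of these four can be dropped and which need re-checking, since the file names alone only give the CVE number.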
@ -121,6 +125,10 @@ from other formats to the formats used by the OpenSSL toolkit.
%patch54 -p1 -b .cachecol
%patch55 -p1 -b .pkcs7-leak
%patch56 -p1 -b .short-padding
%patch57 -p1 -b .asn1-error
%patch58 -p0 -b .parasitic
%patch59 -p0 -b .shared-ciphers
%patch60 -p0 -b .client-dos
# Modify the various perl scripts to reference perl in the right location.
perl util/perlpath.pl `dirname %{__perl}`
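Review bot: %patch58, %patch59 and %patch60 are applied with -p0, while %patch57 and the earlier %patch54 to %patch56 lines in this hunk use -p1. If the three patch files were simply generated without a leading path component, regenerate them so the whole series applies with -p1, or add a short comment explaining the different strip level; a strip level that does not match the paths inside the patch makes %prep fail.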
@ -355,7 +363,13 @@ rm -rf $RPM_BUILD_ROOT/%{_bindir}/openssl_fips_fingerprint
%postun -p /sbin/ldconfig
%changelog
* Tue Sep 9 2006 Tomas Mraz <tmraz@redhat.com> 0.9.8b-6
* Mon Sep 25 2006 Tomas Mraz <tmraz@redhat.com> 0.9.8b-7
- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)
- fix CVE-2006-2940 - parasitic public keys DoS (#207274)
- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)
- fix CVE-2006-4343 - sslv2 client DoS (#206940)
* Tue Sep 5 2006 Tomas Mraz <tmraz@redhat.com> 0.9.8b-6
- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)
* Wed Aug 2 2006 Tomas Mraz <tmraz@redhat.com> - 0.9.8b-5
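Review bot: in the new 0.9.8b-7 entry, CVE-2006-3738 and CVE-2006-4343 both cite #206940 while the other two fixes each have their own bug number; please confirm the second reference is intended and not a copy of the line above. The entry headers for 0.9.8b-7 and 0.9.8b-6 also omit the " - " before the version that the 0.9.8b-5 entry uses, and none of the visible hunks changes the Release tag, so check that it matches the -7 recorded here.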