import compat-openssl10-1.0.2o-4.el8_6
This commit is contained in:
parent
238fe008fb
commit
a2f908afdb
66
SOURCES/openssl-1.0.2o-cve-2022-0778.patch
Normal file
66
SOURCES/openssl-1.0.2o-cve-2022-0778.patch
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
From 3118eb64934499d93db3230748a452351d1d9a65 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Tomas Mraz <tomas@openssl.org>
|
||||||
|
Date: Mon, 28 Feb 2022 18:26:21 +0100
|
||||||
|
Subject: [PATCH] Fix possible infinite loop in BN_mod_sqrt()
|
||||||
|
|
||||||
|
The calculation in some cases does not finish for non-prime p.
|
||||||
|
|
||||||
|
This fixes CVE-2022-0778.
|
||||||
|
|
||||||
|
Based on patch by David Benjamin <davidben@google.com>.
|
||||||
|
|
||||||
|
Reviewed-by: Paul Dale <pauli@openssl.org>
|
||||||
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
||||||
|
---
|
||||||
|
crypto/bn/bn_sqrt.c | 30 ++++++++++++++++++------------
|
||||||
|
1 file changed, 18 insertions(+), 12 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/crypto/bn/bn_sqrt.c b/crypto/bn/bn_sqrt.c
|
||||||
|
index 1723d5ded5a8..53b0f559855c 100644
|
||||||
|
--- a/crypto/bn/bn_sqrt.c
|
||||||
|
+++ b/crypto/bn/bn_sqrt.c
|
||||||
|
@@ -14,7 +14,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
|
||||||
|
/*
|
||||||
|
* Returns 'ret' such that ret^2 == a (mod p), using the Tonelli/Shanks
|
||||||
|
* algorithm (cf. Henri Cohen, "A Course in Algebraic Computational Number
|
||||||
|
- * Theory", algorithm 1.5.1). 'p' must be prime!
|
||||||
|
+ * Theory", algorithm 1.5.1). 'p' must be prime, otherwise an error or
|
||||||
|
+ * an incorrect "result" will be returned.
|
||||||
|
*/
|
||||||
|
{
|
||||||
|
BIGNUM *ret = in;
|
||||||
|
@@ -301,18 +302,23 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
|
||||||
|
goto vrfy;
|
||||||
|
}
|
||||||
|
|
||||||
|
- /* find smallest i such that b^(2^i) = 1 */
|
||||||
|
- i = 1;
|
||||||
|
- if (!BN_mod_sqr(t, b, p, ctx))
|
||||||
|
- goto end;
|
||||||
|
- while (!BN_is_one(t)) {
|
||||||
|
- i++;
|
||||||
|
- if (i == e) {
|
||||||
|
- BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
|
||||||
|
- goto end;
|
||||||
|
+ /* Find the smallest i, 0 < i < e, such that b^(2^i) = 1. */
|
||||||
|
+ for (i = 1; i < e; i++) {
|
||||||
|
+ if (i == 1) {
|
||||||
|
+ if (!BN_mod_sqr(t, b, p, ctx))
|
||||||
|
+ goto end;
|
||||||
|
+
|
||||||
|
+ } else {
|
||||||
|
+ if (!BN_mod_mul(t, t, t, p, ctx))
|
||||||
|
+ goto end;
|
||||||
|
}
|
||||||
|
- if (!BN_mod_mul(t, t, t, p, ctx))
|
||||||
|
- goto end;
|
||||||
|
+ if (BN_is_one(t))
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+ /* If not found, a is not a square or p is not prime. */
|
||||||
|
+ if (i >= e) {
|
||||||
|
+ BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
|
||||||
|
+ goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* t := y^2^(e - i - 1) */
|
@ -22,7 +22,7 @@
|
|||||||
Summary: Compatibility version of the OpenSSL library
|
Summary: Compatibility version of the OpenSSL library
|
||||||
Name: compat-openssl10
|
Name: compat-openssl10
|
||||||
Version: 1.0.2o
|
Version: 1.0.2o
|
||||||
Release: 3%{?dist}
|
Release: 4%{?dist}
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
# We have to remove certain patented algorithms from the openssl source
|
# We have to remove certain patented algorithms from the openssl source
|
||||||
# tarball with the hobble-openssl script which is included below.
|
# tarball with the hobble-openssl script which is included below.
|
||||||
@ -92,6 +92,7 @@ Patch99: openssl-1.0.2k-fips-randlock.patch
|
|||||||
Patch80: openssl-1.0.2o-wrap-pad.patch
|
Patch80: openssl-1.0.2o-wrap-pad.patch
|
||||||
Patch81: openssl-1.0.2a-padlock64.patch
|
Patch81: openssl-1.0.2a-padlock64.patch
|
||||||
Patch82: openssl-1.0.2m-trusted-first-doc.patch
|
Patch82: openssl-1.0.2m-trusted-first-doc.patch
|
||||||
|
Patch83: openssl-1.0.2o-cve-2022-0778.patch
|
||||||
|
|
||||||
License: OpenSSL
|
License: OpenSSL
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
@ -194,6 +195,7 @@ cp %{SOURCE12} %{SOURCE13} crypto/ec/
|
|||||||
%patch80 -p1 -b .wrap
|
%patch80 -p1 -b .wrap
|
||||||
%patch81 -p1 -b .padlock64
|
%patch81 -p1 -b .padlock64
|
||||||
%patch82 -p1 -b .trusted-first
|
%patch82 -p1 -b .trusted-first
|
||||||
|
%patch83 -p1 -b .cve-2022-0778
|
||||||
|
|
||||||
sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h
|
sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h
|
||||||
|
|
||||||
@ -416,6 +418,10 @@ install -m 644 apps/openssl10.cnf $RPM_BUILD_ROOT%{_sysconfdir}/pki/openssl10.cn
|
|||||||
%postun -p /sbin/ldconfig
|
%postun -p /sbin/ldconfig
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed May 04 2022 Clemens Lang <cllang@redhat.com> - 1:1.0.2o-4
|
||||||
|
- Fix CVE-2022-0778: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
|
||||||
|
Resolves: rhbz#2077417
|
||||||
|
|
||||||
* Fri Aug 3 2018 Tomáš Mráz <tmraz@redhat.com> 1.0.2o-3
|
* Fri Aug 3 2018 Tomáš Mráz <tmraz@redhat.com> 1.0.2o-3
|
||||||
- provide and use compat openssl10.cnf as the non-compat one is incompatible
|
- provide and use compat openssl10.cnf as the non-compat one is incompatible
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user