diff --git a/mingw32-openssl.spec b/mingw32-openssl.spec index 6ec0cb2..91b336b 100644 --- a/mingw32-openssl.spec +++ b/mingw32-openssl.spec @@ -59,6 +59,7 @@ Patch7: openssl-1.0.0-timezone.patch # Bug fixes Patch23: openssl-1.0.0-beta4-default-paths.patch Patch24: openssl-0.9.8j-bad-mime.patch +Patch25: openssl-1.0.0a-sslt1lib.patch # Functionality changes Patch32: openssl-0.9.8g-ia64.patch Patch33: openssl-1.0.0-beta4-ca-dir.patch @@ -157,6 +158,7 @@ Static version of the MinGW port of the OpenSSL toolkit. %patch23 -p1 -b .default-paths %patch24 -p1 -b .bad-mime +%patch25 -p1 -b .sslt1lib %patch32 -p1 -b .ia64 #patch33 is applied after make test @@ -343,6 +345,9 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Fri Mar 04 2011 Kai Tietz +- Fixes for CVE-2011-0014 openssl: OCSP stapling vulnerability + * Thu Mar 3 2011 Kai Tietz - 1.0.0a-3 - Bump and rebuild. diff --git a/openssl-1.0.0a-sslt1lib.patch b/openssl-1.0.0a-sslt1lib.patch new file mode 100644 index 0000000..2e7d2ff --- /dev/null +++ b/openssl-1.0.0a-sslt1lib.patch @@ -0,0 +1,28 @@ +--- openssl-1.0.0a/ssl/t1_lib.c 25 Nov 2010 12:28:28 -0000 1.64.2.17 ++++ openssl-1.0.0a/ssl/t1_lib.c 8 Feb 2011 00:00:00 -0000 +@@ -917,6 +917,7 @@ + } + n2s(data, idsize); + dsize -= 2 + idsize; ++ size -= 2 + idsize; + if (dsize < 0) + { + *al = SSL_AD_DECODE_ERROR; +@@ -955,9 +956,14 @@ + } + + /* Read in request_extensions */ ++ if (size < 2) ++ { ++ *al = SSL_AD_DECODE_ERROR; ++ return 0; ++ } + n2s(data,dsize); + size -= 2; +- if (dsize > size) ++ if (dsize != size) + { + *al = SSL_AD_DECODE_ERROR; + return 0; + +