import nss-3.79.0-11.el8_7
This commit is contained in:
		
							parent
							
								
									12155fa416
								
							
						
					
					
						commit
						22aeef2bcc
					
				
							
								
								
									
										92
									
								
								SOURCES/cve-2023-0767.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										92
									
								
								SOURCES/cve-2023-0767.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,92 @@ | ||||
| diff --git a/lib/pkcs12/p12d.c b/lib/pkcs12/p12d.c
 | ||||
| --- a/lib/pkcs12/p12d.c
 | ||||
| +++ b/lib/pkcs12/p12d.c
 | ||||
| @@ -335,35 +335,42 @@
 | ||||
|      sec_PKCS12SafeContentsContext *safeContentsCtx = | ||||
|          (sec_PKCS12SafeContentsContext *)arg; | ||||
|      SEC_PKCS12DecoderContext *p12dcx; | ||||
|      SECStatus rv; | ||||
|   | ||||
| -    /* make sure that we are not skipping the current safeBag,
 | ||||
| -     * and that there are no errors.  If so, just return rather
 | ||||
| -     * than continuing to process.
 | ||||
| -     */
 | ||||
| -    if (!safeContentsCtx || !safeContentsCtx->p12dcx ||
 | ||||
| -        safeContentsCtx->p12dcx->error || safeContentsCtx->skipCurrentSafeBag) {
 | ||||
| +    if (!safeContentsCtx || !safeContentsCtx->p12dcx || !safeContentsCtx->currentSafeBagA1Dcx) {
 | ||||
|          return; | ||||
|      } | ||||
|      p12dcx = safeContentsCtx->p12dcx; | ||||
|   | ||||
| +    /* make sure that there are no errors and we are not skipping the current safeBag */
 | ||||
| +    if (p12dcx->error || safeContentsCtx->skipCurrentSafeBag) {
 | ||||
| +        goto loser;
 | ||||
| +    }
 | ||||
| +
 | ||||
|      rv = SEC_ASN1DecoderUpdate(safeContentsCtx->currentSafeBagA1Dcx, data, len); | ||||
|      if (rv != SECSuccess) { | ||||
|          p12dcx->errorValue = PORT_GetError(); | ||||
| +        p12dcx->error = PR_TRUE;
 | ||||
| +        goto loser;
 | ||||
| +    }
 | ||||
| +
 | ||||
| +    /* The update may have set safeContentsCtx->skipCurrentSafeBag, and we
 | ||||
| +     * may not get another opportunity to clean up the decoder context.
 | ||||
| +     */
 | ||||
| +    if (safeContentsCtx->skipCurrentSafeBag) {
 | ||||
|          goto loser; | ||||
|      } | ||||
|   | ||||
|      return; | ||||
|   | ||||
|  loser: | ||||
| -    /* set the error, and finish the decoder context.  because there
 | ||||
| +    /* Finish the decoder context. Because there
 | ||||
|       * is not a way of returning an error message, it may be worth | ||||
|       * while to do a check higher up and finish any decoding contexts | ||||
|       * that are still open. | ||||
|       */ | ||||
| -    p12dcx->error = PR_TRUE;
 | ||||
|      SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagA1Dcx); | ||||
|      safeContentsCtx->currentSafeBagA1Dcx = NULL; | ||||
|      return; | ||||
|  } | ||||
|   | ||||
| diff --git a/lib/pkcs12/p12t.h b/lib/pkcs12/p12t.h
 | ||||
| --- a/lib/pkcs12/p12t.h
 | ||||
| +++ b/lib/pkcs12/p12t.h
 | ||||
| @@ -71,10 +71,11 @@
 | ||||
|          SECKEYEncryptedPrivateKeyInfo *pkcs8ShroudedKeyBag; | ||||
|          sec_PKCS12CertBag *certBag; | ||||
|          sec_PKCS12CRLBag *crlBag; | ||||
|          sec_PKCS12SecretBag *secretBag; | ||||
|          sec_PKCS12SafeContents *safeContents; | ||||
| +        SECItem *unknownBag;
 | ||||
|      } safeBagContent; | ||||
|   | ||||
|      sec_PKCS12Attribute **attribs; | ||||
|   | ||||
|      /* used locally */ | ||||
| diff --git a/lib/pkcs12/p12tmpl.c b/lib/pkcs12/p12tmpl.c
 | ||||
| --- a/lib/pkcs12/p12tmpl.c
 | ||||
| +++ b/lib/pkcs12/p12tmpl.c
 | ||||
| @@ -28,16 +28,16 @@
 | ||||
|   | ||||
|      safeBag = (sec_PKCS12SafeBag *)src_or_dest; | ||||
|   | ||||
|      oiddata = SECOID_FindOID(&safeBag->safeBagType); | ||||
|      if (oiddata == NULL) { | ||||
| -        return SEC_ASN1_GET(SEC_AnyTemplate);
 | ||||
| +        return SEC_ASN1_GET(SEC_PointerToAnyTemplate);
 | ||||
|      } | ||||
|   | ||||
|      switch (oiddata->offset) { | ||||
|          default: | ||||
| -            theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
 | ||||
| +            theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
 | ||||
|              break; | ||||
|          case SEC_OID_PKCS12_V1_KEY_BAG_ID: | ||||
|              theTemplate = SEC_ASN1_GET(SECKEY_PointerToPrivateKeyInfoTemplate); | ||||
|              break; | ||||
|          case SEC_OID_PKCS12_V1_CERT_BAG_ID: | ||||
| 
 | ||||
| @ -63,7 +63,7 @@ print(string.sub(hash, 0, 16)) | ||||
| Summary:          Network Security Services | ||||
| Name:             nss | ||||
| Version:          %{nss_version} | ||||
| Release:          10%{?dist} | ||||
| Release:          11%{?dist} | ||||
| License:          MPLv2.0 | ||||
| URL:              http://www.mozilla.org/projects/security/pki/nss/ | ||||
| Requires:         nspr >= %{nspr_version}%{nspr_release} | ||||
| @ -167,6 +167,9 @@ Patch65:          nss-3.79-enable-POST-rerun.patch | ||||
| Patch66:          nss-3.79-increase-pbe-cache.patch | ||||
| Patch67:          nss-3.79-pkcs12-fix-null-password.patch | ||||
| Patch68:          nss-3.79-fips.patch | ||||
| # cve 2023-0767, remove on rebase to nss 3.88.1 or later | ||||
| # https://bugzilla.mozilla.org/show_bug.cgi?id=1804640 | ||||
| Patch70:          cve-2023-0767.patch | ||||
| 
 | ||||
| %description | ||||
| Network Security Services (NSS) is a set of libraries designed to | ||||
| @ -944,7 +947,10 @@ update-crypto-policies --no-reload &> /dev/null || : | ||||
| 
 | ||||
| 
 | ||||
| %changelog | ||||
| * Thu Aug 11 2022 Bob Relyea <rrelyea@redhat.com> - 3.79.0-11 | ||||
| * Wed Mar 8 2023 Bob Relyea <rrelyea@redhat.com> - 3.79.0-11 | ||||
| - Fix CVE-2023-0767 | ||||
| 
 | ||||
| * Thu Aug 11 2022 Bob Relyea <rrelyea@redhat.com> - 3.79.0-10 | ||||
| - Fix QA found failures: | ||||
| -  remove extra '+' from sslpolicy.txt file causing test error values | ||||
| -  only use GRND_RANDOM if the kernel is in FIPS mode. | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user