diff --git a/CVE-2020-1967.patch b/CVE-2020-1967.patch deleted file mode 100644 index b9f36dcb95a3c638c70f0d404baf3121137100b4..0000000000000000000000000000000000000000 --- a/CVE-2020-1967.patch +++ /dev/null @@ -1,48 +0,0 @@ -From a87f3fe01a5a894aa27ccd6a239155fd129988e4 Mon Sep 17 00:00:00 2001 -From: Benjamin Kaduk -Date: Fri Apr 10 12:27:28 2020 -0700 -Subject: Fix NULL dereference in SSL_check_chain() for TLS 1.3 - -In the tls1_check_sig_alg() helper function, we loop through the list of -"signature_algorithms_cert" values received from the client and attempt -to look up each one in turn in our internal table that maps wire -codepoint to string-form name, digest and/or signature NID, etc., in -order to compare the signature scheme from the peer's list against what -is used to sign the certificates in the certificate chain we're -checking. Unfortunately, when the peer sends a value that we don't -support, the lookup returns NULL, but we unconditionally dereference the -lookup result for the comparison, leading to an application crash -triggerable by an unauthenticated client. - -Since we will not be able to say anything about algorithms we don't -recognize, treat NULL return from lookup as "does not match". - -We currently only apply the "signature_algorithm_cert" checks on TLS 1.3 -connections, so previous TLS versions are unaffected. SSL_check_chain() -is not called directly from libssl, but may be used by the application -inside a callback (e.g., client_hello or cert callback) to verify that a -candidate certificate chain will be acceptable to the client. - -CVE-2020-1967 - -Reviewed-by: Matt Caswell ---- - openssl-1.1.1f/ssl/t1_lib.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c -index 0ff0d37..5a4389c 100644 ---- a/ssl/t1_lib.c -+++ b/ssl/t1_lib.c -@@ -2132,7 +2132,7 @@ static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid) - sigalg = use_pc_sigalgs - ? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i]) - : s->shared_sigalgs[i]; -- if (sig_nid == sigalg->sigandhash) -+ if (sigalg != NULL && sig_nid == sigalg->sigandhash) - return 1; - } - return 0; --- -1.8.3.1 - diff --git a/CVE-2020-1971-0001-DirectoryString-is-a-CHOICE-type-and-therefore-uses-.patch b/CVE-2020-1971-0001-DirectoryString-is-a-CHOICE-type-and-therefore-uses-.patch deleted file mode 100644 index 0bf75e601c56c4dfce7fb521d2e37c2ae762cc05..0000000000000000000000000000000000000000 --- a/CVE-2020-1971-0001-DirectoryString-is-a-CHOICE-type-and-therefore-uses-.patch +++ /dev/null @@ -1,41 +0,0 @@ -From aa0ad2011d3e7ad8a611da274ef7d9c7706e289b Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Wed, 11 Nov 2020 15:19:34 +0000 -Subject: [PATCH 01/31] DirectoryString is a CHOICE type and therefore uses - explicit tagging - -EDIPartyName has 2 fields that use a DirectoryString. However they were -marked as implicit tagging - which is not correct for a CHOICE type. - -Additionally the partyName field was marked as Optional when, according to -RFC5280 it is not. - -Many thanks to github user @filipnavara for reporting this issue. Also to -David Benjamin from Google who independently identified and reported it. - -Fixes #6859 - -Reviewed-by: Tomas Mraz ---- - crypto/x509v3/v3_genn.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/crypto/x509v3/v3_genn.c b/crypto/x509v3/v3_genn.c -index 23e3bc4..b483f35 100644 ---- a/crypto/x509v3/v3_genn.c -+++ b/crypto/x509v3/v3_genn.c -@@ -22,8 +22,9 @@ ASN1_SEQUENCE(OTHERNAME) = { - IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME) - - ASN1_SEQUENCE(EDIPARTYNAME) = { -- ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), -- ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) -+ /* DirectoryString is a CHOICE type so use explicit tagging */ -+ ASN1_EXP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), -+ ASN1_EXP(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) - } ASN1_SEQUENCE_END(EDIPARTYNAME) - - IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME) --- -1.8.3.1 - diff --git a/CVE-2020-1971-0002-Correctly-compare-EdiPartyName-in-GENERAL_NAME_cmp.patch b/CVE-2020-1971-0002-Correctly-compare-EdiPartyName-in-GENERAL_NAME_cmp.patch deleted file mode 100644 index 36954c1454e59e9c32bb842a7a41614eec89805f..0000000000000000000000000000000000000000 --- a/CVE-2020-1971-0002-Correctly-compare-EdiPartyName-in-GENERAL_NAME_cmp.patch +++ /dev/null @@ -1,101 +0,0 @@ -From f960d81215ebf3f65e03d4d5d857fb9b666d6920 Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Wed, 11 Nov 2020 16:12:58 +0000 -Subject: [PATCH 02/31] Correctly compare EdiPartyName in GENERAL_NAME_cmp() - -If a GENERAL_NAME field contained EdiPartyName data then it was -incorrectly being handled as type "other". This could lead to a -segmentation fault. - -Many thanks to David Benjamin from Google for reporting this issue. - -CVE-2020-1971 - -Reviewed-by: Tomas Mraz ---- - crypto/x509v3/v3_genn.c | 45 ++++++++++++++++++++++++++++++++++++++++++--- - 1 file changed, 42 insertions(+), 3 deletions(-) - -diff --git a/crypto/x509v3/v3_genn.c b/crypto/x509v3/v3_genn.c -index b483f35..6f0a347 100644 ---- a/crypto/x509v3/v3_genn.c -+++ b/crypto/x509v3/v3_genn.c -@@ -58,6 +58,37 @@ GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a) - (char *)a); - } - -+static int edipartyname_cmp(const EDIPARTYNAME *a, const EDIPARTYNAME *b) -+{ -+ int res; -+ -+ if (a == NULL || b == NULL) { -+ /* -+ * Shouldn't be possible in a valid GENERAL_NAME, but we handle it -+ * anyway. OTHERNAME_cmp treats NULL != NULL so we do the same here -+ */ -+ return -1; -+ } -+ if (a->nameAssigner == NULL && b->nameAssigner != NULL) -+ return -1; -+ if (a->nameAssigner != NULL && b->nameAssigner == NULL) -+ return 1; -+ /* If we get here then both have nameAssigner set, or both unset */ -+ if (a->nameAssigner != NULL) { -+ res = ASN1_STRING_cmp(a->nameAssigner, b->nameAssigner); -+ if (res != 0) -+ return res; -+ } -+ /* -+ * partyName is required, so these should never be NULL. We treat it in -+ * the same way as the a == NULL || b == NULL case above -+ */ -+ if (a->partyName == NULL || b->partyName == NULL) -+ return -1; -+ -+ return ASN1_STRING_cmp(a->partyName, b->partyName); -+} -+ - /* Returns 0 if they are equal, != 0 otherwise. */ - int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) - { -@@ -67,8 +98,11 @@ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) - return -1; - switch (a->type) { - case GEN_X400: -+ result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address); -+ break; -+ - case GEN_EDIPARTY: -- result = ASN1_TYPE_cmp(a->d.other, b->d.other); -+ result = edipartyname_cmp(a->d.ediPartyName, b->d.ediPartyName); - break; - - case GEN_OTHERNAME: -@@ -115,8 +149,11 @@ void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value) - { - switch (type) { - case GEN_X400: -+ a->d.x400Address = value; -+ break; -+ - case GEN_EDIPARTY: -- a->d.other = value; -+ a->d.ediPartyName = value; - break; - - case GEN_OTHERNAME: -@@ -150,8 +187,10 @@ void *GENERAL_NAME_get0_value(const GENERAL_NAME *a, int *ptype) - *ptype = a->type; - switch (a->type) { - case GEN_X400: -+ return a->d.x400Address; -+ - case GEN_EDIPARTY: -- return a->d.other; -+ return a->d.ediPartyName; - - case GEN_OTHERNAME: - return a->d.otherName; --- -1.8.3.1 - diff --git a/CVE-2020-1971-0003-Check-that-multi-strings-CHOICE-types-don-t-use-impl.patch b/CVE-2020-1971-0003-Check-that-multi-strings-CHOICE-types-don-t-use-impl.patch deleted file mode 100644 index 6e810be2b4efcc511b00fae3882dba256aaf45f0..0000000000000000000000000000000000000000 --- a/CVE-2020-1971-0003-Check-that-multi-strings-CHOICE-types-don-t-use-impl.patch +++ /dev/null @@ -1,103 +0,0 @@ -From 1ecc76f6746cefd502c7e9000bdfa4e5d7911386 Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Thu, 12 Nov 2020 11:58:12 +0000 -Subject: [PATCH 03/31] Check that multi-strings/CHOICE types don't use - implicit tagging - -It never makes sense for multi-string or CHOICE types to use implicit -tagging since the content would be ambiguous. It is an error in the -template if this ever happens. If we detect it we should stop parsing. - -Thanks to David Benjamin from Google for reporting this issue. - -Reviewed-by: Tomas Mraz ---- - crypto/asn1/asn1_err.c | 1 + - crypto/asn1/tasn_dec.c | 19 +++++++++++++++++++ - crypto/err/openssl.txt | 1 + - include/openssl/asn1err.h | 1 + - 4 files changed, 22 insertions(+) - -diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c -index 613f9ae..99a087d 100644 ---- a/crypto/asn1/asn1_err.c -+++ b/crypto/asn1/asn1_err.c -@@ -160,6 +160,7 @@ static const ERR_STRING_DATA ASN1_str_reasons[] = { - "asn1 sig parse error"}, - {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_AUX_ERROR), "aux error"}, - {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_OBJECT_HEADER), "bad object header"}, -+ {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_TEMPLATE), "bad template"}, - {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BMPSTRING_IS_WRONG_LENGTH), - "bmpstring is wrong length"}, - {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BN_LIB), "bn lib"}, -diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c -index 2332b20..1021705 100644 ---- a/crypto/asn1/tasn_dec.c -+++ b/crypto/asn1/tasn_dec.c -@@ -182,6 +182,15 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, const unsigned char **in, - tag, aclass, opt, ctx); - - case ASN1_ITYPE_MSTRING: -+ /* -+ * It never makes sense for multi-strings to have implicit tagging, so -+ * if tag != -1, then this looks like an error in the template. -+ */ -+ if (tag != -1) { -+ ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_BAD_TEMPLATE); -+ goto err; -+ } -+ - p = *in; - /* Just read in tag and class */ - ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, -@@ -199,6 +208,7 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, const unsigned char **in, - ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL); - goto err; - } -+ - /* Check tag matches bit map */ - if (!(ASN1_tag2bit(otag) & it->utype)) { - /* If OPTIONAL, assume this is OK */ -@@ -215,6 +225,15 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, const unsigned char **in, - return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx); - - case ASN1_ITYPE_CHOICE: -+ /* -+ * It never makes sense for CHOICE types to have implicit tagging, so -+ * if tag != -1, then this looks like an error in the template. -+ */ -+ if (tag != -1) { -+ ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_BAD_TEMPLATE); -+ goto err; -+ } -+ - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) - goto auxerr; - if (*pval) { -diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt -index 0b5873e..2f93221 100644 ---- a/crypto/err/openssl.txt -+++ b/crypto/err/openssl.txt -@@ -1771,6 +1771,7 @@ ASN1_R_ASN1_PARSE_ERROR:203:asn1 parse error - ASN1_R_ASN1_SIG_PARSE_ERROR:204:asn1 sig parse error - ASN1_R_AUX_ERROR:100:aux error - ASN1_R_BAD_OBJECT_HEADER:102:bad object header -+ASN1_R_BAD_TEMPLATE:230:bad template - ASN1_R_BMPSTRING_IS_WRONG_LENGTH:214:bmpstring is wrong length - ASN1_R_BN_LIB:105:bn lib - ASN1_R_BOOLEAN_IS_WRONG_LENGTH:106:boolean is wrong length -diff --git a/include/openssl/asn1err.h b/include/openssl/asn1err.h -index faed5a5..9070e26 100644 ---- a/include/openssl/asn1err.h -+++ b/include/openssl/asn1err.h -@@ -145,6 +145,7 @@ int ERR_load_ASN1_strings(void); - # define ASN1_R_ASN1_SIG_PARSE_ERROR 204 - # define ASN1_R_AUX_ERROR 100 - # define ASN1_R_BAD_OBJECT_HEADER 102 -+# define ASN1_R_BAD_TEMPLATE 230 - # define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214 - # define ASN1_R_BN_LIB 105 - # define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 --- -1.8.3.1 - diff --git a/CVE-2020-1971-0004-Complain-if-we-are-attempting-to-encode-with-an-inva.patch b/CVE-2020-1971-0004-Complain-if-we-are-attempting-to-encode-with-an-inva.patch deleted file mode 100644 index c575a53a6080fd1f363e1334e44e87e06ba4b1dd..0000000000000000000000000000000000000000 --- a/CVE-2020-1971-0004-Complain-if-we-are-attempting-to-encode-with-an-inva.patch +++ /dev/null @@ -1,116 +0,0 @@ -From 41d62636fd996c031c0c7cef746476278583dc9e Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Thu, 12 Nov 2020 14:55:31 +0000 -Subject: [PATCH 04/31] Complain if we are attempting to encode with an invalid - ASN.1 template - -It never makes sense for multi-string or CHOICE types to have implicit -tagging. If we have a template that uses the in this way then we -should immediately fail. - -Thanks to David Benjamin from Google for reporting this issue. - -Reviewed-by: Tomas Mraz ---- - crypto/asn1/asn1_err.c | 3 ++- - crypto/asn1/tasn_enc.c | 16 ++++++++++++++++ - crypto/err/openssl.txt | 1 + - include/openssl/asn1err.h | 7 +++---- - 4 files changed, 22 insertions(+), 5 deletions(-) - -diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c -index 99a087d..cc0a59c 100644 ---- a/crypto/asn1/asn1_err.c -+++ b/crypto/asn1/asn1_err.c -@@ -1,6 +1,6 @@ - /* - * Generated by util/mkerr.pl DO NOT EDIT -- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy -@@ -49,6 +49,7 @@ static const ERR_STRING_DATA ASN1_str_functs[] = { - "asn1_item_embed_d2i"}, - {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EMBED_NEW, 0), - "asn1_item_embed_new"}, -+ {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EX_I2D, 0), "ASN1_item_ex_i2d"}, - {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_FLAGS_I2D, 0), - "asn1_item_flags_i2d"}, - {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_I2D_BIO, 0), "ASN1_item_i2d_bio"}, -diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c -index d600c7a..52a051d 100644 ---- a/crypto/asn1/tasn_enc.c -+++ b/crypto/asn1/tasn_enc.c -@@ -103,9 +103,25 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, - return asn1_i2d_ex_primitive(pval, out, it, tag, aclass); - - case ASN1_ITYPE_MSTRING: -+ /* -+ * It never makes sense for multi-strings to have implicit tagging, so -+ * if tag != -1, then this looks like an error in the template. -+ */ -+ if (tag != -1) { -+ ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE); -+ return -1; -+ } - return asn1_i2d_ex_primitive(pval, out, it, -1, aclass); - - case ASN1_ITYPE_CHOICE: -+ /* -+ * It never makes sense for CHOICE types to have implicit tagging, so -+ * if tag != -1, then this looks like an error in the template. -+ */ -+ if (tag != -1) { -+ ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE); -+ return -1; -+ } - if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) - return 0; - i = asn1_get_choice_selector(pval, it); -diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt -index 2f93221..815460b 100644 ---- a/crypto/err/openssl.txt -+++ b/crypto/err/openssl.txt -@@ -36,6 +36,7 @@ ASN1_F_ASN1_ITEM_D2I_FP:206:ASN1_item_d2i_fp - ASN1_F_ASN1_ITEM_DUP:191:ASN1_item_dup - ASN1_F_ASN1_ITEM_EMBED_D2I:120:asn1_item_embed_d2i - ASN1_F_ASN1_ITEM_EMBED_NEW:121:asn1_item_embed_new -+ASN1_F_ASN1_ITEM_EX_I2D:144:ASN1_item_ex_i2d - ASN1_F_ASN1_ITEM_FLAGS_I2D:118:asn1_item_flags_i2d - ASN1_F_ASN1_ITEM_I2D_BIO:192:ASN1_item_i2d_bio - ASN1_F_ASN1_ITEM_I2D_FP:193:ASN1_item_i2d_fp -diff --git a/include/openssl/asn1err.h b/include/openssl/asn1err.h -index 9070e26..e1ad1fe 100644 ---- a/include/openssl/asn1err.h -+++ b/include/openssl/asn1err.h -@@ -1,6 +1,6 @@ - /* - * Generated by util/mkerr.pl DO NOT EDIT -- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy -@@ -11,9 +11,7 @@ - #ifndef HEADER_ASN1ERR_H - # define HEADER_ASN1ERR_H - --# ifndef HEADER_SYMHACKS_H --# include --# endif -+# include - - # ifdef __cplusplus - extern "C" -@@ -53,6 +51,7 @@ int ERR_load_ASN1_strings(void); - # define ASN1_F_ASN1_ITEM_DUP 191 - # define ASN1_F_ASN1_ITEM_EMBED_D2I 120 - # define ASN1_F_ASN1_ITEM_EMBED_NEW 121 -+# define ASN1_F_ASN1_ITEM_EX_I2D 144 - # define ASN1_F_ASN1_ITEM_FLAGS_I2D 118 - # define ASN1_F_ASN1_ITEM_I2D_BIO 192 - # define ASN1_F_ASN1_ITEM_I2D_FP 193 --- -1.8.3.1 - diff --git a/CVE-2020-1971-0005-Add-a-test-for-GENERAL_NAME_cmp.patch b/CVE-2020-1971-0005-Add-a-test-for-GENERAL_NAME_cmp.patch deleted file mode 100644 index 614df6cb5f53dbc137297ad70e706a549dc90635..0000000000000000000000000000000000000000 --- a/CVE-2020-1971-0005-Add-a-test-for-GENERAL_NAME_cmp.patch +++ /dev/null @@ -1,372 +0,0 @@ -From 94ece6af0c89d596f9c5221b7df7d6582168c8ba Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Mon, 30 Nov 2020 13:50:52 +0000 -Subject: [PATCH 05/31] Add a test for GENERAL_NAME_cmp - -Based on a boringssl test contributed by David Benjamin - -Reviewed-by: Tomas Mraz ---- - test/v3nametest.c | 344 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 344 insertions(+) - -diff --git a/test/v3nametest.c b/test/v3nametest.c -index 86f3829..4c8af92 100644 ---- a/test/v3nametest.c -+++ b/test/v3nametest.c -@@ -359,8 +359,352 @@ static int call_run_cert(int i) - return failed == 0; - } - -+struct gennamedata { -+ const unsigned char der[22]; -+ size_t derlen; -+} gennames[] = { -+ { -+ /* -+ * [0] { -+ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } -+ * [0] { -+ * SEQUENCE {} -+ * } -+ * } -+ */ -+ { -+ 0xa0, 0x13, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, -+ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x02, 0x30, 0x00 -+ }, -+ 21 -+ }, { -+ /* -+ * [0] { -+ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } -+ * [0] { -+ * [APPLICATION 0] {} -+ * } -+ * } -+ */ -+ { -+ 0xa0, 0x13, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, -+ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x02, 0x60, 0x00 -+ }, -+ 21 -+ }, { -+ /* -+ * [0] { -+ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } -+ * [0] { -+ * UTF8String { "a" } -+ * } -+ * } -+ */ -+ { -+ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, -+ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x0c, 0x01, 0x61 -+ }, -+ 22 -+ }, { -+ /* -+ * [0] { -+ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.2 } -+ * [0] { -+ * UTF8String { "a" } -+ * } -+ * } -+ */ -+ { -+ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, -+ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x02, 0xa0, 0x03, 0x0c, 0x01, 0x61 -+ }, -+ 22 -+ }, { -+ /* -+ * [0] { -+ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } -+ * [0] { -+ * UTF8String { "b" } -+ * } -+ * } -+ */ -+ { -+ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, -+ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x0c, 0x01, 0x62 -+ }, -+ 22 -+ }, { -+ /* -+ * [0] { -+ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } -+ * [0] { -+ * BOOLEAN { TRUE } -+ * } -+ * } -+ */ -+ { -+ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, -+ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x01, 0x01, 0xff -+ }, -+ 22 -+ }, { -+ /* -+ * [0] { -+ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } -+ * [0] { -+ * BOOLEAN { FALSE } -+ * } -+ * } -+ */ -+ { -+ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, -+ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x01, 0x01, 0x00 -+ }, -+ 22 -+ }, { -+ /* [1 PRIMITIVE] { "a" } */ -+ { -+ 0x81, 0x01, 0x61 -+ }, -+ 3 -+ }, { -+ /* [1 PRIMITIVE] { "b" } */ -+ { -+ 0x81, 0x01, 0x62 -+ }, -+ 3 -+ }, { -+ /* [2 PRIMITIVE] { "a" } */ -+ { -+ 0x82, 0x01, 0x61 -+ }, -+ 3 -+ }, { -+ /* [2 PRIMITIVE] { "b" } */ -+ { -+ 0x82, 0x01, 0x62 -+ }, -+ 3 -+ }, { -+ /* -+ * [4] { -+ * SEQUENCE { -+ * SET { -+ * SEQUENCE { -+ * # commonName -+ * OBJECT_IDENTIFIER { 2.5.4.3 } -+ * UTF8String { "a" } -+ * } -+ * } -+ * } -+ * } -+ */ -+ { -+ 0xa4, 0x0e, 0x30, 0x0c, 0x31, 0x0a, 0x30, 0x08, 0x06, 0x03, 0x55, -+ 0x04, 0x03, 0x0c, 0x01, 0x61 -+ }, -+ 16 -+ }, { -+ /* -+ * [4] { -+ * SEQUENCE { -+ * SET { -+ * SEQUENCE { -+ * # commonName -+ * OBJECT_IDENTIFIER { 2.5.4.3 } -+ * UTF8String { "b" } -+ * } -+ * } -+ * } -+ * } -+ */ -+ { -+ 0xa4, 0x0e, 0x30, 0x0c, 0x31, 0x0a, 0x30, 0x08, 0x06, 0x03, 0x55, -+ 0x04, 0x03, 0x0c, 0x01, 0x62 -+ }, -+ 16 -+ }, { -+ /* -+ * [5] { -+ * [1] { -+ * UTF8String { "a" } -+ * } -+ * } -+ */ -+ { -+ 0xa5, 0x05, 0xa1, 0x03, 0x0c, 0x01, 0x61 -+ }, -+ 7 -+ }, { -+ /* -+ * [5] { -+ * [1] { -+ * UTF8String { "b" } -+ * } -+ * } -+ */ -+ { -+ 0xa5, 0x05, 0xa1, 0x03, 0x0c, 0x01, 0x62 -+ }, -+ 7 -+ }, { -+ /* -+ * [5] { -+ * [0] { -+ * UTF8String {} -+ * } -+ * [1] { -+ * UTF8String { "a" } -+ * } -+ * } -+ */ -+ { -+ 0xa5, 0x09, 0xa0, 0x02, 0x0c, 0x00, 0xa1, 0x03, 0x0c, 0x01, 0x61 -+ }, -+ 11 -+ }, { -+ /* -+ * [5] { -+ * [0] { -+ * UTF8String { "a" } -+ * } -+ * [1] { -+ * UTF8String { "a" } -+ * } -+ * } -+ */ -+ { -+ 0xa5, 0x0a, 0xa0, 0x03, 0x0c, 0x01, 0x61, 0xa1, 0x03, 0x0c, 0x01, -+ 0x61 -+ }, -+ 12 -+ }, { -+ /* -+ * [5] { -+ * [0] { -+ * UTF8String { "b" } -+ * } -+ * [1] { -+ * UTF8String { "a" } -+ * } -+ * } -+ */ -+ { -+ 0xa5, 0x0a, 0xa0, 0x03, 0x0c, 0x01, 0x62, 0xa1, 0x03, 0x0c, 0x01, -+ 0x61 -+ }, -+ 12 -+ }, { -+ /* [6 PRIMITIVE] { "a" } */ -+ { -+ 0x86, 0x01, 0x61 -+ }, -+ 3 -+ }, { -+ /* [6 PRIMITIVE] { "b" } */ -+ { -+ 0x86, 0x01, 0x62 -+ }, -+ 3 -+ }, { -+ /* [7 PRIMITIVE] { `11111111` } */ -+ { -+ 0x87, 0x04, 0x11, 0x11, 0x11, 0x11 -+ }, -+ 6 -+ }, { -+ /* [7 PRIMITIVE] { `22222222`} */ -+ { -+ 0x87, 0x04, 0x22, 0x22, 0x22, 0x22 -+ }, -+ 6 -+ }, { -+ /* [7 PRIMITIVE] { `11111111111111111111111111111111` } */ -+ { -+ 0x87, 0x10, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, -+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11 -+ }, -+ 18 -+ }, { -+ /* [7 PRIMITIVE] { `22222222222222222222222222222222` } */ -+ { -+ 0x87, 0x10, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, -+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22 -+ }, -+ 18 -+ }, { -+ /* [8 PRIMITIVE] { 1.2.840.113554.4.1.72585.2.1 } */ -+ { -+ 0x88, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, -+ 0xb7, 0x09, 0x02, 0x01 -+ }, -+ 15 -+ }, { -+ /* [8 PRIMITIVE] { 1.2.840.113554.4.1.72585.2.2 } */ -+ { -+ 0x88, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, -+ 0xb7, 0x09, 0x02, 0x02 -+ }, -+ 15 -+ } -+}; -+ -+static int test_GENERAL_NAME_cmp(void) -+{ -+ size_t i, j; -+ GENERAL_NAME **namesa = OPENSSL_malloc(sizeof(*namesa) -+ * OSSL_NELEM(gennames)); -+ GENERAL_NAME **namesb = OPENSSL_malloc(sizeof(*namesb) -+ * OSSL_NELEM(gennames)); -+ int testresult = 0; -+ -+ if (!TEST_ptr(namesa) || !TEST_ptr(namesb)) -+ goto end; -+ -+ for (i = 0; i < OSSL_NELEM(gennames); i++) { -+ const unsigned char *derp = gennames[i].der; -+ -+ /* -+ * We create two versions of each GENERAL_NAME so that we ensure when -+ * we compare them they are always different pointers. -+ */ -+ namesa[i] = d2i_GENERAL_NAME(NULL, &derp, gennames[i].derlen); -+ derp = gennames[i].der; -+ namesb[i] = d2i_GENERAL_NAME(NULL, &derp, gennames[i].derlen); -+ if (!TEST_ptr(namesa[i]) || !TEST_ptr(namesb[i])) -+ goto end; -+ } -+ -+ /* Every name should be equal to itself and not equal to any others. */ -+ for (i = 0; i < OSSL_NELEM(gennames); i++) { -+ for (j = 0; j < OSSL_NELEM(gennames); j++) { -+ if (i == j) { -+ if (!TEST_int_eq(GENERAL_NAME_cmp(namesa[i], namesb[j]), 0)) -+ goto end; -+ } else { -+ if (!TEST_int_ne(GENERAL_NAME_cmp(namesa[i], namesb[j]), 0)) -+ goto end; -+ } -+ } -+ } -+ testresult = 1; -+ -+ end: -+ for (i = 0; i < OSSL_NELEM(gennames); i++) { -+ if (namesa != NULL) -+ GENERAL_NAME_free(namesa[i]); -+ if (namesb != NULL) -+ GENERAL_NAME_free(namesb[i]); -+ } -+ OPENSSL_free(namesa); -+ OPENSSL_free(namesb); -+ -+ return testresult; -+} -+ - int setup_tests(void) - { - ADD_ALL_TESTS(call_run_cert, OSSL_NELEM(name_fns)); -+ ADD_TEST(test_GENERAL_NAME_cmp); - return 1; - } --- -1.8.3.1 - diff --git a/CVE-2020-1971-0006-Add-a-test-for-encoding-decoding-using-an-invalid-AS.patch b/CVE-2020-1971-0006-Add-a-test-for-encoding-decoding-using-an-invalid-AS.patch deleted file mode 100644 index 8569490033edee8dd6780c8c7e9430f26d972c20..0000000000000000000000000000000000000000 --- a/CVE-2020-1971-0006-Add-a-test-for-encoding-decoding-using-an-invalid-AS.patch +++ /dev/null @@ -1,121 +0,0 @@ -From 433974af7b188d55b1da049b84f3fdeca320cb6a Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Mon, 30 Nov 2020 14:46:47 +0000 -Subject: [PATCH 06/31] Add a test for encoding/decoding using an invalid ASN.1 - Template - -If you have a CHOICE type that it must use explicit tagging - otherwise -the template is invalid. We add tests for this. - -Reviewed-by: Tomas Mraz ---- - test/asn1_decode_test.c | 36 ++++++++++++++++++++++++++++++++++++ - test/asn1_encode_test.c | 33 +++++++++++++++++++++++++++++++++ - 2 files changed, 69 insertions(+) - -diff --git a/test/asn1_decode_test.c b/test/asn1_decode_test.c -index 369023d..94a22c6 100644 ---- a/test/asn1_decode_test.c -+++ b/test/asn1_decode_test.c -@@ -160,6 +160,41 @@ static int test_uint64(void) - return 1; - } - -+typedef struct { -+ ASN1_STRING *invalidDirString; -+} INVALIDTEMPLATE; -+ -+ASN1_SEQUENCE(INVALIDTEMPLATE) = { -+ /* -+ * DirectoryString is a CHOICE type so it must use explicit tagging - -+ * but we deliberately use implicit here, which makes this template invalid. -+ */ -+ ASN1_IMP(INVALIDTEMPLATE, invalidDirString, DIRECTORYSTRING, 12) -+} static_ASN1_SEQUENCE_END(INVALIDTEMPLATE) -+ -+IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(INVALIDTEMPLATE) -+IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(INVALIDTEMPLATE) -+ -+/* Empty sequence for invalid template test */ -+static unsigned char t_invalid_template[] = { -+ 0x30, 0x03, /* SEQUENCE tag + length */ -+ 0x0c, 0x01, 0x41 /* UTF8String, length 1, "A" */ -+}; -+ -+static int test_invalid_template(void) -+{ -+ const unsigned char *p = t_invalid_template; -+ INVALIDTEMPLATE *tmp = d2i_INVALIDTEMPLATE(NULL, &p, -+ sizeof(t_invalid_template)); -+ -+ /* We expect a NULL pointer return */ -+ if (TEST_ptr_null(tmp)) -+ return 1; -+ -+ INVALIDTEMPLATE_free(tmp); -+ return 0; -+} -+ - int setup_tests(void) - { - #if OPENSSL_API_COMPAT < 0x10200000L -@@ -169,5 +204,6 @@ int setup_tests(void) - ADD_TEST(test_uint32); - ADD_TEST(test_int64); - ADD_TEST(test_uint64); -+ ADD_TEST(test_invalid_template); - return 1; - } -diff --git a/test/asn1_encode_test.c b/test/asn1_encode_test.c -index ed920a4..afbd18b 100644 ---- a/test/asn1_encode_test.c -+++ b/test/asn1_encode_test.c -@@ -856,6 +856,38 @@ static int test_uint64(void) - return test_intern(&uint64_test_package); - } - -+typedef struct { -+ ASN1_STRING *invalidDirString; -+} INVALIDTEMPLATE; -+ -+ASN1_SEQUENCE(INVALIDTEMPLATE) = { -+ /* -+ * DirectoryString is a CHOICE type so it must use explicit tagging - -+ * but we deliberately use implicit here, which makes this template invalid. -+ */ -+ ASN1_IMP(INVALIDTEMPLATE, invalidDirString, DIRECTORYSTRING, 12) -+} static_ASN1_SEQUENCE_END(INVALIDTEMPLATE) -+ -+IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(INVALIDTEMPLATE) -+IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(INVALIDTEMPLATE) -+ -+static int test_invalid_template(void) -+{ -+ INVALIDTEMPLATE *temp = INVALIDTEMPLATE_new(); -+ int ret; -+ -+ if (!TEST_ptr(temp)) -+ return 0; -+ -+ ret = i2d_INVALIDTEMPLATE(temp, NULL); -+ -+ INVALIDTEMPLATE_free(temp); -+ -+ /* We expect the i2d operation to fail */ -+ return ret < 0; -+} -+ -+ - int setup_tests(void) - { - #if OPENSSL_API_COMPAT < 0x10200000L -@@ -866,5 +898,6 @@ int setup_tests(void) - ADD_TEST(test_uint32); - ADD_TEST(test_int64); - ADD_TEST(test_uint64); -+ ADD_TEST(test_invalid_template); - return 1; - } --- -1.8.3.1 - diff --git a/CVE-2021-23840.patch b/CVE-2021-23840.patch deleted file mode 100644 index f9f7bee09393e0af5bd0a6292aad913f8cb3ff3a..0000000000000000000000000000000000000000 --- a/CVE-2021-23840.patch +++ /dev/null @@ -1,140 +0,0 @@ -From 6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1 Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Tue, 2 Feb 2021 17:17:23 +0000 -Subject: [PATCH] Don't overflow the output length in EVP_CipherUpdate calls - -CVE-2021-23840 - -Reviewed-by: Paul Dale ---- - crypto/err/openssl.txt | 3 ++- - crypto/evp/evp_enc.c | 27 +++++++++++++++++++++++++++ - crypto/evp/evp_err.c | 4 +++- - include/openssl/evperr.h | 7 +++---- - 4 files changed, 35 insertions(+), 6 deletions(-) - -diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt -index 815460b..7e17763 100644 ---- a/crypto/err/openssl.txt -+++ b/crypto/err/openssl.txt -@@ -1,4 +1,4 @@ --# Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. -+# Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved. - # - # Licensed under the OpenSSL license (the "License"). You may not use - # this file except in compliance with the License. You can obtain a copy -@@ -2283,6 +2283,7 @@ EVP_R_ONLY_ONESHOT_SUPPORTED:177:only oneshot supported - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\ - operation not supported for this keytype - EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized -+EVP_R_OUTPUT_WOULD_OVERFLOW:184:output would overflow - EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers - EVP_R_PBKDF2_ERROR:181:pbkdf2 error - EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\ -diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c -index b9b6490..0843caf 100644 ---- a/crypto/evp/evp_enc.c -+++ b/crypto/evp/evp_enc.c -@@ -8,6 +8,7 @@ - */ - - #include -+#include - #include - #include "internal/cryptlib.h" - #include -@@ -355,6 +356,19 @@ static int evp_EncryptDecryptUpdate(EVP_CIPHER_CTX *ctx, - return 1; - } else { - j = bl - i; -+ -+ /* -+ * Once we've processed the first j bytes from in, the amount of -+ * data left that is a multiple of the block length is: -+ * (inl - j) & ~(bl - 1) -+ * We must ensure that this amount of data, plus the one block that -+ * we process from ctx->buf does not exceed INT_MAX -+ */ -+ if (((inl - j) & ~(bl - 1)) > INT_MAX - bl) { -+ EVPerr(EVP_F_EVP_ENCRYPTDECRYPTUPDATE, -+ EVP_R_OUTPUT_WOULD_OVERFLOW); -+ return 0; -+ } - memcpy(&(ctx->buf[i]), in, j); - inl -= j; - in += j; -@@ -502,6 +516,19 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING); - return 0; - } -+ /* -+ * final_used is only ever set if buf_len is 0. Therefore the maximum -+ * length output we will ever see from evp_EncryptDecryptUpdate is -+ * the maximum multiple of the block length that is <= inl, or just: -+ * inl & ~(b - 1) -+ * Since final_used has been set then the final output length is: -+ * (inl & ~(b - 1)) + b -+ * This must never exceed INT_MAX -+ */ -+ if ((inl & ~(b - 1)) > INT_MAX - b) { -+ EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_OUTPUT_WOULD_OVERFLOW); -+ return 0; -+ } - memcpy(out, ctx->final, b); - out += b; - fix_len = 1; -diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c -index 05481d8..32ac012 100644 ---- a/crypto/evp/evp_err.c -+++ b/crypto/evp/evp_err.c -@@ -1,6 +1,6 @@ - /* - * Generated by util/mkerr.pl DO NOT EDIT -- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy -@@ -239,6 +239,8 @@ static const ERR_STRING_DATA EVP_str_reasons[] = { - "operation not supported for this keytype"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED), - "operaton not initialized"}, -+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OUTPUT_WOULD_OVERFLOW), -+ "output would overflow"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING), - "partially overlapping buffers"}, - {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"}, -diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h -index d2b26ea..b4ea90a 100644 ---- a/include/openssl/evperr.h -+++ b/include/openssl/evperr.h -@@ -1,6 +1,6 @@ - /* - * Generated by util/mkerr.pl DO NOT EDIT -- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. -+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy -@@ -11,9 +11,7 @@ - #ifndef HEADER_EVPERR_H - # define HEADER_EVPERR_H - --# ifndef HEADER_SYMHACKS_H --# include --# endif -+# include - - # ifdef __cplusplus - extern "C" -@@ -179,6 +177,7 @@ int ERR_load_EVP_strings(void); - # define EVP_R_ONLY_ONESHOT_SUPPORTED 177 - # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150 - # define EVP_R_OPERATON_NOT_INITIALIZED 151 -+# define EVP_R_OUTPUT_WOULD_OVERFLOW 184 - # define EVP_R_PARTIALLY_OVERLAPPING 162 - # define EVP_R_PBKDF2_ERROR 181 - # define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179 --- -1.8.3.1 - diff --git a/CVE-2021-23841.patch b/CVE-2021-23841.patch deleted file mode 100644 index 87cfdf29f15a7c3233bb642ee7b163c16a3169f9..0000000000000000000000000000000000000000 --- a/CVE-2021-23841.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 122a19ab48091c657f7cb1fb3af9fc07bd557bbf Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Wed, 10 Feb 2021 16:10:36 +0000 -Subject: [PATCH] Fix Null pointer deref in X509_issuer_and_serial_hash() - -The OpenSSL public API function X509_issuer_and_serial_hash() attempts -to create a unique hash value based on the issuer and serial number data -contained within an X509 certificate. However it fails to correctly -handle any errors that may occur while parsing the issuer field (which -might occur if the issuer field is maliciously constructed). This may -subsequently result in a NULL pointer deref and a crash leading to a -potential denial of service attack. - -The function X509_issuer_and_serial_hash() is never directly called by -OpenSSL itself so applications are only vulnerable if they use this -function directly and they use it on certificates that may have been -obtained from untrusted sources. - -CVE-2021-23841 - -Reviewed-by: Richard Levitte -Reviewed-by: Paul Dale -(cherry picked from commit 8130d654d1de922ea224fa18ee3bc7262edc39c0) ---- - crypto/x509/x509_cmp.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c -index c9d8933..a964bbf 100644 ---- a/crypto/x509/x509_cmp.c -+++ b/crypto/x509/x509_cmp.c -@@ -39,6 +39,8 @@ unsigned long X509_issuer_and_serial_hash(X509 *a) - if (ctx == NULL) - goto err; - f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0); -+ if (f == NULL) -+ goto err; - if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL)) - goto err; - if (!EVP_DigestUpdate(ctx, (unsigned char *)f, strlen(f))) --- -1.8.3.1 - diff --git a/CVE-2021-3449.patch b/CVE-2021-3449.patch deleted file mode 100644 index 159e14320f3fd21b557c8e789c314158ff7dcbc6..0000000000000000000000000000000000000000 --- a/CVE-2021-3449.patch +++ /dev/null @@ -1,47 +0,0 @@ -From fb9fa6b51defd48157eeb207f52181f735d96148 Mon Sep 17 00:00:00 2001 -From: Peter Kaestle -Date: Mon, 15 Mar 2021 13:19:56 +0100 -Subject: [PATCH] ssl sigalg extension: fix NULL pointer dereference -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -As the variable peer_sigalgslen is not cleared on ssl rehandshake, it's -possible to crash an openssl tls secured server remotely by sending a -manipulated hello message in a rehandshake. - -On such a manipulated rehandshake, tls1_set_shared_sigalgs() calls -tls12_shared_sigalgs() with the peer_sigalgslen of the previous -handshake, while the peer_sigalgs has been freed. -As a result tls12_shared_sigalgs() walks over the available -peer_sigalgs and tries to access data of a NULL pointer. - -This issue was introduced by c589c34e61 (Add support for the TLS 1.3 -signature_algorithms_cert extension, 2018-01-11). - -Signed-off-by: Peter Kästle -Signed-off-by: Samuel Sapalski - -CVE-2021-3449 - -CLA: trivial - -Reviewed-by: Tomas Mraz -Reviewed-by: Paul Dale -Reviewed-by: Matt Caswell ---- - ssl/statem/extensions.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c -index b055935d697b..4aed508d0f03 100644 ---- a/ssl/statem/extensions.c -+++ b/ssl/statem/extensions.c -@@ -1139,6 +1139,7 @@ static int init_sig_algs(SSL *s, unsigned int context) - /* Clear any signature algorithms extension received */ - OPENSSL_free(s->s3->tmp.peer_sigalgs); - s->s3->tmp.peer_sigalgs = NULL; -+ s->s3->tmp.peer_sigalgslen = 0; - - return 1; - } diff --git a/CVE-2021-3711-0001-Check-the-plaintext-buffer-is-large-enough-when-decr.patch b/CVE-2021-3711-0001-Check-the-plaintext-buffer-is-large-enough-when-decr.patch deleted file mode 100644 index 26a3cdc5ba6710bbf6e831ccc8a29574b93caa94..0000000000000000000000000000000000000000 --- a/CVE-2021-3711-0001-Check-the-plaintext-buffer-is-large-enough-when-decr.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 515ac8b5e544dd713a2b4cabfc54b722d122c218 Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Fri, 13 Aug 2021 16:58:21 +0100 -Subject: [PATCH] Check the plaintext buffer is large enough when decrypting - SM2 - -Previously there was no check that the supplied buffer was large enough. -It was just assumed to be sufficient. Instead we should check and fail if -not. - -Reviewed-by: Paul Dale -Reviewed-by: Nicola Tuveri - -Reference: https://github.com/openssl/openssl/commit/515ac8b5e544dd713a2b4cabfc54b722d122c218 -Conflict: NA ---- - crypto/sm2/sm2_crypt.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/crypto/sm2/sm2_crypt.c b/crypto/sm2/sm2_crypt.c -index 1188abfc6b..00055a4e51 100644 ---- a/crypto/sm2/sm2_crypt.c -+++ b/crypto/sm2/sm2_crypt.c -@@ -294,6 +294,10 @@ int sm2_decrypt(const EC_KEY *key, - C2 = sm2_ctext->C2->data; - C3 = sm2_ctext->C3->data; - msg_len = sm2_ctext->C2->length; -+ if (*ptext_len < (size_t)msg_len) { -+ SM2err(SM2_F_SM2_DECRYPT, SM2_R_BUFFER_TOO_SMALL); -+ goto done; -+ } - - ctx = BN_CTX_new(); - if (ctx == NULL) { --- -2.23.0 - diff --git a/CVE-2021-3711-0002-Correctly-calculate-the-length-of-SM2-plaintext-give.patch b/CVE-2021-3711-0002-Correctly-calculate-the-length-of-SM2-plaintext-give.patch deleted file mode 100644 index d7373cafd81d89cb89e3c885cdc8e5c269831a47..0000000000000000000000000000000000000000 --- a/CVE-2021-3711-0002-Correctly-calculate-the-length-of-SM2-plaintext-give.patch +++ /dev/null @@ -1,124 +0,0 @@ -From 59f5e75f3bced8fc0e130d72a3f582cf7b480b46 Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Fri, 13 Aug 2021 14:14:51 +0100 -Subject: [PATCH] Correctly calculate the length of SM2 plaintext given the - ciphertext - -Previously the length of the SM2 plaintext could be incorrectly calculated. -The plaintext length was calculated by taking the ciphertext length and -taking off an "overhead" value. - -The overhead value was assumed to have a "fixed" element of 10 bytes. -This is incorrect since in some circumstances it can be more than 10 bytes. -Additionally the overhead included the length of two integers C1x and C1y, -which were assumed to be the same length as the field size (32 bytes for -the SM2 curve). However in some cases these integers can have an additional -padding byte when the msb is set, to disambiguate them from negative -integers. Additionally the integers can also be less than 32 bytes in -length in some cases. - -If the calculated overhead is incorrect and larger than the actual value -this can result in the calculated plaintext length being too small. -Applications are likely to allocate buffer sizes based on this and therefore -a buffer overrun can occur. - -CVE-2021-3711 - -Issue reported by John Ouyang. - -Reviewed-by: Paul Dale -Reviewed-by: Nicola Tuveri - -Reference: https://github.com/openssl/openssl/commit/59f5e75f3bced8fc0e130d72a3f582cf7b480b46 -Conflict: NA ---- - crypto/sm2/sm2_crypt.c | 23 +++++++---------------- - crypto/sm2/sm2_pmeth.c | 2 +- - include/crypto/sm2.h | 3 +-- - test/sm2_internal_test.c | 2 +- - 4 files changed, 10 insertions(+), 20 deletions(-) - -diff --git a/crypto/sm2/sm2_crypt.c b/crypto/sm2/sm2_crypt.c -index ef505f6441..1188abfc6b 100644 ---- a/crypto/sm2/sm2_crypt.c -+++ b/crypto/sm2/sm2_crypt.c -@@ -61,29 +61,20 @@ static size_t ec_field_size(const EC_GROUP *group) - return field_size; - } - --int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, -- size_t *pt_size) -+int sm2_plaintext_size(const unsigned char *ct, size_t ct_size, size_t *pt_size) - { -- const size_t field_size = ec_field_size(EC_KEY_get0_group(key)); -- const int md_size = EVP_MD_size(digest); -- size_t overhead; -+ struct SM2_Ciphertext_st *sm2_ctext = NULL; - -- if (md_size < 0) { -- SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_DIGEST); -- return 0; -- } -- if (field_size == 0) { -- SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_FIELD); -- return 0; -- } -+ sm2_ctext = d2i_SM2_Ciphertext(NULL, &ct, ct_size); - -- overhead = 10 + 2 * field_size + (size_t)md_size; -- if (msg_len <= overhead) { -+ if (sm2_ctext == NULL) { - SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_ENCODING); - return 0; - } - -- *pt_size = msg_len - overhead; -+ *pt_size = sm2_ctext->C2->length; -+ SM2_Ciphertext_free(sm2_ctext); -+ - return 1; - } - -diff --git a/crypto/sm2/sm2_pmeth.c b/crypto/sm2/sm2_pmeth.c -index b42a14c32f..27025fbf3a 100644 ---- a/crypto/sm2/sm2_pmeth.c -+++ b/crypto/sm2/sm2_pmeth.c -@@ -151,7 +151,7 @@ static int pkey_sm2_decrypt(EVP_PKEY_CTX *ctx, - const EVP_MD *md = (dctx->md == NULL) ? EVP_sm3() : dctx->md; - - if (out == NULL) { -- if (!sm2_plaintext_size(ec, md, inlen, outlen)) -+ if (!sm2_plaintext_size(in, inlen, outlen)) - return -1; - else - return 1; -diff --git a/include/crypto/sm2.h b/include/crypto/sm2.h -index 76ee80baff..50851a83ce 100644 ---- a/include/crypto/sm2.h -+++ b/include/crypto/sm2.h -@@ -60,8 +60,7 @@ int sm2_verify(const unsigned char *dgst, int dgstlen, - int sm2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, - size_t *ct_size); - --int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, -- size_t *pt_size); -+int sm2_plaintext_size(const unsigned char *ct, size_t ct_size, size_t *pt_size); - - int sm2_encrypt(const EC_KEY *key, - const EVP_MD *digest, -diff --git a/test/sm2_internal_test.c b/test/sm2_internal_test.c -index 2bb73947ff..41827bb82f 100644 ---- a/test/sm2_internal_test.c -+++ b/test/sm2_internal_test.c -@@ -185,7 +185,7 @@ static int test_sm2_crypt(const EC_GROUP *group, - if (!TEST_mem_eq(ctext, ctext_len, expected, ctext_len)) - goto done; - -- if (!TEST_true(sm2_plaintext_size(key, digest, ctext_len, &ptext_len)) -+ if (!TEST_true(sm2_plaintext_size(ctext, ctext_len, &ptext_len)) - || !TEST_int_eq(ptext_len, msg_len)) - goto done; - --- -2.23.0 - diff --git a/CVE-2021-3711-0003-Extend-tests-for-SM2-decryption.patch b/CVE-2021-3711-0003-Extend-tests-for-SM2-decryption.patch deleted file mode 100644 index fda5a457021d5ba0fda1e49610c8223f4f4403b7..0000000000000000000000000000000000000000 --- a/CVE-2021-3711-0003-Extend-tests-for-SM2-decryption.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 733fa41c3fc4bcac37f94aa917f7242420f8a5a6 Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Fri, 13 Aug 2021 14:49:47 +0100 -Subject: [PATCH] Extend tests for SM2 decryption - -Check the case where C1y < 32 bytes in length (i.e. short overhead), and -also the case with longer plaintext and C1x and C1y > 32 bytes in length -(i.e. long overhead) - -Reviewed-by: Paul Dale -Reviewed-by: Nicola Tuveri - -Reference: https://github.com/openssl/openssl/commit/733fa41c3fc4bcac37f94aa917f7242420f8a5a6 -Conflict: NA ---- - test/recipes/30-test_evp_data/evppkey.txt | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/test/recipes/30-test_evp_data/evppkey.txt b/test/recipes/30-test_evp_data/evppkey.txt -index 736e0ce4d3..c3947cb000 100644 ---- a/test/recipes/30-test_evp_data/evppkey.txt -+++ b/test/recipes/30-test_evp_data/evppkey.txt -@@ -18444,6 +18444,16 @@ Decrypt = SM2_key1 - Input = 30818A0220466BE2EF5C11782EC77864A0055417F407A5AFC11D653C6BCE69E417BB1D05B6022062B572E21FF0DDF5C726BD3F9FF2EAE56E6294713A607E9B9525628965F62CC804203C1B5713B5DB2728EB7BF775E44F4689FC32668BDC564F52EA45B09E8DF2A5F40422084A9D0CC2997092B7D3C404FCE95956EB604D732B2307A8E5B8900ED6608CA5B197 - Output = "The floofy bunnies hop at midnight" - -+# Test with an C1y value < 32 bytes in length (self generated) -+Decrypt = SM2_key1 -+Input = 3072022070DAD60CDA7C30D64CF4F278A849003581223F5324BFEC9BB329229BFFAD21A6021F18AFAB2B35459D2643243B242BE4EA80C6FA5071D2D847340CC57EB9309E5D04200B772E4DB664B2601E3B85E39C4AA8C2C1910308BE13B331E009C5A9258C29FD040B6D588BE9260A94DA18E0E6 -+Output = "Hello World" -+ -+# Test with an C1x and C1y valuey > 32 bytes in length, and longer plaintext (self generated) -+Decrypt = SM2_key1 -+Input = 3081DD022100CD49634BBCB21CAFFFA6D33669A5A867231CB2A942A14352EF4CAF6DC3344D54022100C35B41D4DEBB3A2735EFEE821B9EBA566BD86900176A0C06672E30EE5CC04E930420C4190A3D80D86C4BD20E99F7E4B59BF6427C6808793533EEA9591D1188EC56B50473747295470E81D951BED279AC1B86A1AFE388CD2833FA9632799EC199C7D364E5663D5A94888BB2358CFCBF6283184DE0CBC41CCEA91D24746E99D231A1DA77AFD83CDF908190ED628B7369724494568A27C782A1D1D7294BCAD80C34569ED22859896301128A8118F48924D8CCD43E998D9533 -+Output = "Some longer plaintext for testing SM2 decryption. Blah blah blah blah blah blah blah blah blah blah blah blah blah." -+ - # This is a "fake" test as it does only verify that the SM2 EVP_PKEY interface - # is capable of creating a signature without failing, but it does not say - # anything about the generated signature being valid, nor does it test the --- -2.23.0 - diff --git a/CVE-2021-3712-0001-Fix-a-read-buffer-overrun-in-X509_aux_print.patch b/CVE-2021-3712-0001-Fix-a-read-buffer-overrun-in-X509_aux_print.patch deleted file mode 100644 index dc9c75781a684bc2679570e4891de489b33018ea..0000000000000000000000000000000000000000 --- a/CVE-2021-3712-0001-Fix-a-read-buffer-overrun-in-X509_aux_print.patch +++ /dev/null @@ -1,63 +0,0 @@ -From d9d838ddc0ed083fb4c26dd067e71aad7c65ad16 Mon Sep 17 00:00:00 2001 -From: Ingo Schwarze -Date: Sun, 18 Jul 2021 17:48:06 +0200 -Subject: [PATCH] Fix a read buffer overrun in X509_aux_print(). - -The ASN1_STRING_get0_data(3) manual explitely cautions the reader -that the data is not necessarily NUL-terminated, and the function -X509_alias_set1(3) does not sanitize the data passed into it in any -way either, so we must assume the return value from X509_alias_get0(3) -is merely a byte array and not necessarily a string in the sense -of the C language. - -I found this bug while writing manual pages for X509_print_ex(3) -and related functions. Theo Buehler checked my -patch to fix the same bug in LibreSSL, see - -http://cvsweb.openbsd.org/src/lib/libcrypto/asn1/t_x509a.c#rev1.9 - -As an aside, note that the function still produces incomplete and -misleading results when the data contains a NUL byte in the middle -and that error handling is consistently absent throughout, even -though the function provides an "int" return value obviously intended -to be 1 for success and 0 for failure, and even though this function -is called by another function that also wants to return 1 for success -and 0 for failure and even does so in many of its code paths, though -not in others. But let's stay focussed. Many things would be nice -to have in the wide wild world, but a buffer overflow must not be -allowed to remain in our backyard. - -CLA: trivial - -Reviewed-by: Tim Hudson -Reviewed-by: Paul Dale -Reviewed-by: Tomas Mraz -(Merged from https://github.com/openssl/openssl/pull/16108) - -(cherry picked from commit c5dc9ab965f2a69bca964c709e648158f3e4cd67) - -Reference: https://github.com/openssl/openssl/commit/d9d838ddc0ed083fb4c26dd067e71aad7c65ad16 -Conflict: NA ---- - crypto/x509/t_x509.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/crypto/x509/t_x509.c b/crypto/x509/t_x509.c -index 12d807f705..3ba0b3a045 100644 ---- a/crypto/x509/t_x509.c -+++ b/crypto/x509/t_x509.c -@@ -365,9 +365,9 @@ int X509_aux_print(BIO *out, X509 *x, int indent) - BIO_puts(out, "\n"); - } else - BIO_printf(out, "%*sNo Rejected Uses.\n", indent, ""); -- alias = X509_alias_get0(x, NULL); -+ alias = X509_alias_get0(x, &i); - if (alias) -- BIO_printf(out, "%*sAlias: %s\n", indent, "", alias); -+ BIO_printf(out, "%*sAlias: %.*s\n", indent, "", i, alias); - keyid = X509_keyid_get0(x, &keyidlen); - if (keyid) { - BIO_printf(out, "%*sKey Id: ", indent, ""); --- -2.23.0 - diff --git a/CVE-2021-3712-0002-Fix-EC_GROUP_new_from_ecparameters-to-check-the-base.patch b/CVE-2021-3712-0002-Fix-EC_GROUP_new_from_ecparameters-to-check-the-base.patch deleted file mode 100644 index bb770f1045161a30022219c85637b44d1a032cb9..0000000000000000000000000000000000000000 --- a/CVE-2021-3712-0002-Fix-EC_GROUP_new_from_ecparameters-to-check-the-base.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 94d23fcff9b2a7a8368dfe52214d5c2569882c11 Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Thu, 19 Aug 2021 12:24:17 +0100 -Subject: [PATCH] Fix EC_GROUP_new_from_ecparameters to check the base length - -Check that there's at least one byte in params->base before trying to -read it. - -CVE-2021-3712 - -Reviewed-by: Viktor Dukhovni -Reviewed-by: Paul Dale - -Reference: https://github.com/openssl/openssl/commit/94d23fcff9b2a7a8368dfe52214d5c2569882c11 -Conflict: NA ---- - crypto/ec/ec_asn1.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c -index 7b7c75ce84..e497a25909 100644 ---- a/crypto/ec/ec_asn1.c -+++ b/crypto/ec/ec_asn1.c -@@ -761,7 +761,10 @@ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params) - ret->seed_len = params->curve->seed->length; - } - -- if (!params->order || !params->base || !params->base->data) { -+ if (params->order == NULL -+ || params->base == NULL -+ || params->base->data == NULL -+ || params->base->length == 0) { - ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_ASN1_ERROR); - goto err; - } --- -2.23.0 - diff --git a/bugfix-Don-t-Overflow-when-printing-Thawte-Strong-Extranet-.patch b/bugfix-Don-t-Overflow-when-printing-Thawte-Strong-Extranet-.patch deleted file mode 100644 index ea54d4fdf756d17055798160b2c168b242f83a52..0000000000000000000000000000000000000000 --- a/bugfix-Don-t-Overflow-when-printing-Thawte-Strong-Extranet-.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 61b0fead5e6079ca826594df5b9ca00e65883cb0 Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Thu, 19 Nov 2020 13:58:21 +0000 -Subject: [PATCH] Don't Overflow when printing Thawte Strong Extranet Version - -When printing human readable info on the Thawte Strong Extranet extension -the version number could overflow if the version number == LONG_MAX. This -is undefined behaviour. - -Issue found by OSSFuzz. - -Reviewed-by: Ben Kaduk -(Merged from https://github.com/openssl/openssl/pull/13452) ---- - crypto/x509v3/v3_sxnet.c | 18 +++++++++++++++--- - 1 files changed, 15 insertions(+), 3 deletions(-) - -diff --git a/crypto/x509v3/v3_sxnet.c b/crypto/x509v3/v3_sxnet.c -index 76f5eafc73..6e2b796a38 100644 ---- a/crypto/x509v3/v3_sxnet.c -+++ b/crypto/x509v3/v3_sxnet.c -@@ -57,12 +57,24 @@ IMPLEMENT_ASN1_FUNCTIONS(SXNET) - static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, - int indent) - { -- long v; -+ int64_t v; - char *tmp; - SXNETID *id; - int i; -- v = ASN1_INTEGER_get(sx->version); -- BIO_printf(out, "%*sVersion: %ld (0x%lX)", indent, "", v + 1, v); -+ -+ /* -+ * Since we add 1 to the version number to display it, we don't support -+ * LONG_MAX since that would cause on overflow. -+ */ -+ if (!ASN1_INTEGER_get_int64(&v, sx->version) -+ || v >= LONG_MAX -+ || v < LONG_MIN) { -+ BIO_printf(out, "%*sVersion: ", indent, ""); -+ } else { -+ long vl = (long)v; -+ -+ BIO_printf(out, "%*sVersion: %ld (0x%lX)", indent, "", vl + 1, vl); -+ } - for (i = 0; i < sk_SXNETID_num(sx->ids); i++) { - id = sk_SXNETID_value(sx->ids, i); - tmp = i2s_ASN1_INTEGER(NULL, id->zone); - --- -2.23.0 - diff --git a/openssl-1.1.1f.tar.gz b/openssl-1.1.1f.tar.gz deleted file mode 100644 index 4bcec00f31b93c7bb0371a57a37153e51e58e713..0000000000000000000000000000000000000000 Binary files a/openssl-1.1.1f.tar.gz and /dev/null differ diff --git a/openssl-1.1.1l.tar.gz b/openssl-1.1.1m.tar.gz similarity index 55% rename from openssl-1.1.1l.tar.gz rename to openssl-1.1.1m.tar.gz index 81be7f98f0cb9158bea8a594298fc21fb6c6082f..2db4ee8e8886de8356fa9fdea6d4d99ec5c410e0 100644 Binary files a/openssl-1.1.1l.tar.gz and b/openssl-1.1.1m.tar.gz differ diff --git a/openssl.spec b/openssl.spec index 38deb8a3dfa933a73517b119d439b5f057e46a40..a32e314d6bd812794f300207ce4ca2a3af0671ed 100644 --- a/openssl.spec +++ b/openssl.spec @@ -1,7 +1,7 @@ %define soversion 1.1 Name: openssl Epoch: 1 -Version: 1.1.1l +Version: 1.1.1m Release: 1 Summary: Cryptography and SSL/TLS Toolkit License: OpenSSL and SSLeay @@ -10,22 +10,6 @@ Source0: https://www.openssl.org/source/%{name}-%{version}.tar.gz Source1: Makefile.certificate Patch1: openssl-1.1.1-build.patch Patch2: openssl-1.1.1-fips.patch -#Patch3: CVE-2020-1967.patch -#Patch4: CVE-2020-1971-0001-DirectoryString-is-a-CHOICE-type-and-therefore-uses-.patch -#Patch5: CVE-2020-1971-0002-Correctly-compare-EdiPartyName-in-GENERAL_NAME_cmp.patch -#Patch6: CVE-2020-1971-0003-Check-that-multi-strings-CHOICE-types-don-t-use-impl.patch -#Patch7: CVE-2020-1971-0004-Complain-if-we-are-attempting-to-encode-with-an-inva.patch -#Patch8: CVE-2020-1971-0005-Add-a-test-for-GENERAL_NAME_cmp.patch -#Patch9: CVE-2020-1971-0006-Add-a-test-for-encoding-decoding-using-an-invalid-AS.patch -#Patch10: CVE-2021-23840.patch -#Patch11: CVE-2021-23841.patch -#Patch12: CVE-2021-3449.patch -#Patch13: CVE-2021-3711-0001-Check-the-plaintext-buffer-is-large-enough-when-decr.patch -#Patch14: CVE-2021-3711-0002-Correctly-calculate-the-length-of-SM2-plaintext-give.patch -#Patch15: CVE-2021-3711-0003-Extend-tests-for-SM2-decryption.patch -#Patch16: CVE-2021-3712-0001-Fix-a-read-buffer-overrun-in-X509_aux_print.patch -#Patch17: CVE-2021-3712-0002-Fix-EC_GROUP_new_from_ecparameters-to-check-the-base.patch -#Patch18: bugfix-Don-t-Overflow-when-printing-Thawte-Strong-Extranet-.patch BuildRequires: gcc perl make lksctp-tools-devel coreutils util-linux zlib-devel @@ -137,6 +121,13 @@ for manpage in man*/* ; do done popd +# Next step of gradual disablement of ssl3. +# Make SSL3 disappear to newly built dependencies. +sed -i '/^\#ifndef OPENSSL_NO_SSL_TRACE/i\ +#ifndef OPENSSL_NO_SSL3\ +# define OPENSSL_NO_SSL3\ +#endif' $RPM_BUILD_ROOT/%{_prefix}/include/openssl/opensslconf.h + rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/*.dist %check @@ -202,6 +193,9 @@ make test || : %{_pkgdocdir}/html/ %changelog +* Tue Dec 28 2021 Buildteam - 1:1.1.1m-1 +- update openssl-1.1.1l to openssl-1.1.1m + * Wed Dec 8 2021 lujie42 - 1:1.1.1l-1 - update openssl-1.1.1f to openssl-1.1.1l