Pullup ticket #3698 - requested by pettai security/openssl: security patch Revisions pulled up: - security/openssl/Makefile 1.162 - security/openssl/distinfo 1.85 - security/openssl/patches/patch-asn_mime.c 1.1 --- Module Name: pkgsrc Committed By: pettai Date: Mon Mar 5 00:26:55 UTC 2012 Modified Files: pkgsrc/security/openssl: Makefile distinfo Added Files: pkgsrc/security/openssl/patches: patch-asn_mime.c Log Message: Add fix for CVE-2006-7250diff -r1.159.2.1 -r1.159.2.2 pkgsrc/security/openssl/Makefile
(tron)
@@ -1,37 +1,38 @@ | @@ -1,37 +1,38 @@ | |||
1 | # $NetBSD: Makefile,v 1.159.2.1 2012/01/19 06:11:48 sbd Exp $ | 1 | # $NetBSD: Makefile,v 1.159.2.2 2012/03/06 10:29:29 tron Exp $ | |
2 | 2 | |||
3 | OPENSSL_SNAPSHOT?= # empty | 3 | OPENSSL_SNAPSHOT?= # empty | |
4 | OPENSSL_STABLE?= # empty | 4 | OPENSSL_STABLE?= # empty | |
5 | OPENSSL_VERS?= 0.9.8t | 5 | OPENSSL_VERS?= 0.9.8t | |
6 | 6 | |||
7 | .if empty(OPENSSL_SNAPSHOT) | 7 | .if empty(OPENSSL_SNAPSHOT) | |
8 | DISTNAME= openssl-${OPENSSL_VERS} | 8 | DISTNAME= openssl-${OPENSSL_VERS} | |
9 | MASTER_SITES= ftp://ftp.openssl.org/source/ \ | 9 | MASTER_SITES= ftp://ftp.openssl.org/source/ \ | |
10 | ftp://sunsite.cnlab-switch.ch/mirror/openssl/source/ \ | 10 | ftp://sunsite.cnlab-switch.ch/mirror/openssl/source/ \ | |
11 | ftp://sunsite.uio.no/pub/security/openssl/source/ | 11 | ftp://sunsite.uio.no/pub/security/openssl/source/ | |
12 | .else | 12 | .else | |
13 | . if !empty(OPENSSL_STABLE:M[yY][eE][sS]) | 13 | . if !empty(OPENSSL_STABLE:M[yY][eE][sS]) | |
14 | DISTNAME= openssl-${OPENSSL_VERS:C/[a-z]$//}-stable-SNAP-${OPENSSL_SNAPSHOT} | 14 | DISTNAME= openssl-${OPENSSL_VERS:C/[a-z]$//}-stable-SNAP-${OPENSSL_SNAPSHOT} | |
15 | PKGNAME= openssl-${OPENSSL_VERS}beta${OPENSSL_SNAPSHOT} | 15 | PKGNAME= openssl-${OPENSSL_VERS}beta${OPENSSL_SNAPSHOT} | |
16 | MASTER_SITES= ftp://ftp.openssl.org/snapshot/ | 16 | MASTER_SITES= ftp://ftp.openssl.org/snapshot/ | |
17 | . else | 17 | . else | |
18 | DISTNAME= openssl-SNAP-${OPENSSL_SNAPSHOT} | 18 | DISTNAME= openssl-SNAP-${OPENSSL_SNAPSHOT} | |
19 | PKGNAME= openssl-${OPENSSL_VERS}alpha${OPENSSL_SNAPSHOT} | 19 | PKGNAME= openssl-${OPENSSL_VERS}alpha${OPENSSL_SNAPSHOT} | |
20 | MASTER_SITES= ftp://ftp.openssl.org/snapshot/ | 20 | MASTER_SITES= ftp://ftp.openssl.org/snapshot/ | |
21 | . endif | 21 | . endif | |
22 | .endif | 22 | .endif | |
23 | 23 | |||
24 | SVR4_PKGNAME= ossl | 24 | SVR4_PKGNAME= ossl | |
25 | PKGREVISION= 1 | |||
25 | CATEGORIES= security | 26 | CATEGORIES= security | |
26 | MAINTAINER= pkgsrc-users@NetBSD.org | 27 | MAINTAINER= pkgsrc-users@NetBSD.org | |
27 | HOMEPAGE= http://www.openssl.org/ | 28 | HOMEPAGE= http://www.openssl.org/ | |
28 | COMMENT= Secure Socket Layer and cryptographic library | 29 | COMMENT= Secure Socket Layer and cryptographic library | |
29 | 30 | |||
30 | CONFLICTS= SSLeay-[0-9]* ssleay-[0-9]* | 31 | CONFLICTS= SSLeay-[0-9]* ssleay-[0-9]* | |
31 | 32 | |||
32 | CRYPTO= yes | 33 | CRYPTO= yes | |
33 | 34 | |||
34 | PKG_INSTALLATION_TYPES= overwrite pkgviews | 35 | PKG_INSTALLATION_TYPES= overwrite pkgviews | |
35 | PKG_DESTDIR_SUPPORT= user-destdir | 36 | PKG_DESTDIR_SUPPORT= user-destdir | |
36 | 37 | |||
37 | .include "../../mk/bsd.prefs.mk" | 38 | .include "../../mk/bsd.prefs.mk" |
@@ -1,13 +1,14 @@ | @@ -1,13 +1,14 @@ | |||
1 | $NetBSD: distinfo,v 1.83.2.1 2012/01/19 06:11:48 sbd Exp $ | 1 | $NetBSD: distinfo,v 1.83.2.2 2012/03/06 10:29:29 tron Exp $ | |
2 | 2 | |||
3 | SHA1 (openssl-0.9.8t.tar.gz) = 42e2ba06cc859d61f645915c9a30326eda371a5e | 3 | SHA1 (openssl-0.9.8t.tar.gz) = 42e2ba06cc859d61f645915c9a30326eda371a5e | |
4 | RMD160 (openssl-0.9.8t.tar.gz) = 8d5a32ebc94c578021bce519f92b5d31743d3e47 | 4 | RMD160 (openssl-0.9.8t.tar.gz) = 8d5a32ebc94c578021bce519f92b5d31743d3e47 | |
5 | Size (openssl-0.9.8t.tar.gz) = 3778943 bytes | 5 | Size (openssl-0.9.8t.tar.gz) = 3778943 bytes | |
6 | SHA1 (patch-aa) = eb25505e8a745eb5ba85f857b0f9302fd5e9bda1 | 6 | SHA1 (patch-aa) = eb25505e8a745eb5ba85f857b0f9302fd5e9bda1 | |
7 | SHA1 (patch-ac) = 6ff4a20440666f5c520837e10547091e1bee2208 | 7 | SHA1 (patch-ac) = 6ff4a20440666f5c520837e10547091e1bee2208 | |
8 | SHA1 (patch-ad) = bb86ac463fc4ab8b485df5f1a4fb9c13c1fc41c3 | 8 | SHA1 (patch-ad) = bb86ac463fc4ab8b485df5f1a4fb9c13c1fc41c3 | |
9 | SHA1 (patch-ae) = 7a58f1765a3761321dcc8dafc5fe2e33207be480 | 9 | SHA1 (patch-ae) = 7a58f1765a3761321dcc8dafc5fe2e33207be480 | |
10 | SHA1 (patch-af) = 2610930b6b06397fa2e3955b3244c02193f5b7a6 | 10 | SHA1 (patch-af) = 2610930b6b06397fa2e3955b3244c02193f5b7a6 | |
11 | SHA1 (patch-ag) = 5f12c72b85e4b6c6a79dfcf87055e9e029fbd8c8 | 11 | SHA1 (patch-ag) = 5f12c72b85e4b6c6a79dfcf87055e9e029fbd8c8 | |
12 | SHA1 (patch-ak) = 049250b9bd42e6f155145703135dab39a7ec17e0 | 12 | SHA1 (patch-ak) = 049250b9bd42e6f155145703135dab39a7ec17e0 | |
13 | SHA1 (patch-al) = 076a606352bdeaeea1cc64f16be2ac1325882302 | 13 | SHA1 (patch-al) = 076a606352bdeaeea1cc64f16be2ac1325882302 | |
14 | SHA1 (patch-asn_mime.c) = 45c25660b03687a014e54a24343f775e0e6b9b71 |
$NetBSD: patch-asn_mime.c,v 1.1.2.2 2012/03/06 10:29:30 tron Exp $
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7250
--- crypto/asn1/asn_mime.c.orig 2012-03-05 00:08:44.000000000 +0000
+++ crypto/asn1/asn_mime.c
@@ -790,6 +790,10 @@ static int mime_hdr_addparam(MIME_HEADER
static int mime_hdr_cmp(const MIME_HEADER * const *a,
const MIME_HEADER * const *b)
{
+ if ((*a)->name == NULL || (*b)->name == NULL)
+ return (*a)->name - (*b)->name < 0 ? -1 :
+ (*a)->name - (*b)->name > 0 ? 1 : 0;
+
return(strcmp((*a)->name, (*b)->name));
}