Add patch errata and revised advisory.

This commit is contained in:
Xin LI 2015-03-20 07:25:28 +00:00
parent f507ad7318
commit d12c50eb58
Notes: svn2git 2020-12-08 03:00:23 +00:00
svn path=/head/; revision=46361
5 changed files with 225 additions and 26 deletions


@ -9,14 +9,14 @@ Topic: Multiple OpenSSL vulnerabilities
Category: contrib Category: contrib
Module: openssl Module: openssl
Announced: 2015-03-19 Announced: 2015-03-19; Last revised on 2015-03-20.
Affects: All supported versions of FreeBSD. Affects: All supported versions of FreeBSD.
Corrected: 2015-03-19 17:40:43 UTC (stable/10, 10.1-STABLE) Corrected: 2015-03-20 07:11:20 UTC (stable/10, 10.1-STABLE)
2015-03-19 17:42:38 UTC (releng/10.1, 10.1-RELEASE-p7) 2015-03-20 07:12:02 UTC (releng/10.1, 10.1-RELEASE-p8)
2015-03-19 17:40:43 UTC (stable/9, 9.3-STABLE) 2015-03-20 07:11:20 UTC (stable/9, 9.3-STABLE)
2015-03-19 17:42:38 UTC (releng/9.3, 9.3-RELEASE-p11) 2015-03-20 07:12:02 UTC (releng/9.3, 9.3-RELEASE-p12)
2015-03-19 17:40:43 UTC (stable/8, 8.4-STABLE) 2015-03-20 07:11:20 UTC (stable/8, 8.4-STABLE)
2015-03-19 17:42:38 UTC (releng/8.4, 8.4-RELEASE-p25) 2015-03-20 07:12:02 UTC (releng/8.4, 8.4-RELEASE-p26)
CVE Name: CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE Name: CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288,
CVE-2015-0289, CVE-2015-0293 CVE-2015-0289, CVE-2015-0293
@ -24,6 +24,14 @@ For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>. following sections, please visit <URL:https://security.FreeBSD.org/>.
0. Revision history
v1.0 2015-03-19 Initial release.
v1.1 2015-03-20 Reverted a portion of change that should not belong to the
advisory and did not end up in the final OpenSSL release.
The patch is also revised to include fixes for
CVE-2015-0209 and CVE-2015-0288.
I. Background I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is
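Review bot: the v1.1 entry says "a portion of change" was reverted but never names it, so an administrator who already applied the v1.0 patch cannot tell from the revision history which code is affected or whether the errata is mandatory for them. Judging from the accompanying errata patches, the reverted portion is the ASN1_item_d2i() rewrite in crypto/openssl/crypto/asn1/tasn_dec.c; name it here and state plainly that the errata patch applies on top of the v1.0 patch and that systems patched with v1.0 must still apply it to pick up the CVE-2015-0209 and CVE-2015-0288 fixes.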
@ -120,11 +128,19 @@ detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-0.9.8.patch.asc # fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-0.9.8.patch.asc
# gpg --verify openssl-0.9.8.patch.asc # gpg --verify openssl-0.9.8.patch.asc
# fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-0.9.8-errata.patch
# fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-0.9.8-errata.patch.asc
# gpg --verify openssl-0.9.8-errata.patch.asc
[FreeBSD 10.1] [FreeBSD 10.1]
# fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-1.0.1.patch # fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-1.0.1.patch
# fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-1.0.1.patch.asc # fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-1.0.1.patch.asc
# gpg --verify openssl-1.0.1.patch.asc # gpg --verify openssl-1.0.1.patch.asc
# fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-1.0.1-errata.patch
# fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-1.0.1-errata.patch.asc
# gpg --verify openssl-1.0.1-errata.patch.asc
b) Apply the patch. Execute the following commands as root: b) Apply the patch. Execute the following commands as root:
# cd /usr/src # cd /usr/src
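Review bot: the hunk adds fetch and `gpg --verify` lines for openssl-0.9.8-errata.patch and openssl-1.0.1-errata.patch, but step b) still reads "Apply the patch" in the singular and the visible context shows no second `patch` command for the errata file. The errata patches are diffed against a tree that already carries the v1.0 change (their removed lines are the v1.0 ASN1_item_d2i() code), so the apply step should say explicitly that the original patch is applied first and the errata patch second, and that a system already at v1.0 applies only the errata patch. If the apply commands are updated further down the file, this is already covered; the visible hunk does not show it.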
@ -142,12 +158,12 @@ affected branch.
Branch/path Revision Branch/path Revision
- ------------------------------------------------------------------------- - -------------------------------------------------------------------------
stable/8/ r280266 stable/8/ r280274
releng/8.4/ r280268 releng/8.4/ r280275
stable/9/ r280266 stable/9/ r280274
releng/9.3/ r280268 releng/9.3/ r280275
stable/10/ r280266 stable/10/ r280274
releng/10.1/ r280268 releng/10.1/ r280275
- ------------------------------------------------------------------------- - -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the To see which files were modified by a particular revision, run the
@ -181,17 +197,17 @@ The latest revision of this advisory is available at
-----BEGIN PGP SIGNATURE----- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.2 (FreeBSD) Version: GnuPG v2.1.2 (FreeBSD)
iQIcBAEBCgAGBQJVCwr1AAoJEO1n7NZdz2rnayEP/0w3Pba5k/1G0mJ1T9APNAns iQIcBAEBCgAGBQJVC8m8AAoJEO1n7NZdz2rn/lQP/1ZrUSnxaoaZxQbLrBZlg7Jr
hhXm0YuR/rNJ1XBooWEOctrijlsVChcIt8KvJCU9apOZWjDvm/nvaQ077GCi5RSp dAgjo4JTSPwyJM3gQY+WD1WPChxIJvbndR/NQux9grrn6N06kD+q0DUHOXi6MAL0
jhQBs8MLVfXzwMbJ0/uBpp6ChF8uafk5O+gr8ulb2jG6VIaLkGOWPYv61aRYSGxy TqMEGxAqVlIUVdn18xZJaIwEzcx5HJKQz2UOMk3UGjy3WSh93p25oewF/cIcaryN
R7+6FxD8M0lLbGOQGETy1HxKzeWztA2p0ILORNAsi+bF8GSJpxGhSxqDDi4+ic/C FKAmpXmmPm77Qv5Vr1st8OyjnP7XiMmerSEWVGqFLsJPye5lvHcPOZrzQkRQRQJf
3oEw0zT/E6DhxJovOPebKq0eGcRbv7ETqDmtNQdqbOddV+0FY1E+nHtrAo6B/Kln 1b896UaOezw4v8C2HJvJMrQLN4l/ahCV6NsuQnN1/yzo8cS75OxMsooo8VgA8k0G
rL+meBJHmLeEREROFk4OvCynuROUJGmXJGKwjN3uOVM05qcEZS4NkVhFNrxt6S5H ADuNFb1oZIygoin6ZOxlSHeeh+A6mdhitU4hNNy2rBNTC9IwijCg/dx/x1rutAxb
t3wQ02SesbA3pbmce5OuXmlJgdL57DVlMb5sQjkqPeoJ6pn6Rz7VLSgLNfXDUSxs 3MHUcCmF0sNewTkDwdzSvVCR4pYAAPI3yG0gUlXMTepQpH6Ozjf77OPW5KQPVGzf
x/Lgx0+qLQUubMud7zT97UIvZmDqFTWXfJu5S/0Qt8BPFunmoNJttJ5Cr+brzEtu ijqOS32hprqVklDu2yREUv1AY0srboES5b9XQyfkFCFyNF8VX3OaDL8jHdfQezSx
5RLjcvkC1giVCpSXS96QbeT67uqSkMZa8gtII8bA77HBGA0Ky8AOwTAXbCiUovuH njF8UVUydmC7szDCW+MmQoNo4NaPCLd2m3l25RRD8SAdR9jB8WIox59E1k2O+LP/
sLwsI8KUC3lsKUh7eyLsSm2+wRHn0e6dZ1PE0JRazCnCRboTvMWK2d4R7ANdrwsq rgO6wial36CUiTc5SdbCzVom9K/KhKXeBWAlCnK9R9DCNaUaiBIvTBngtGdfjxxi
CgtCWLRz6vbB9J4XTNupcEoZGhIA4RuOBqx43eQmaRw1HoV3vn85QP94oL5jzXBd bJxoSqXSnfVwhGE565cwtODR/qMfRxY6Z8g4JEkSQN5SmzezmyLCdmXCpktHkC21
UQg3YfrXHDlxCsqEzN7o XQG0M1dIh8m3m67rEyE6
=wi0T =C2Zp
-----END PGP SIGNATURE----- -----END PGP SIGNATURE-----


@ -0,0 +1,75 @@
Index: crypto/openssl/crypto/asn1/tasn_dec.c
===================================================================
--- crypto/openssl/crypto/asn1/tasn_dec.c (revision 280272)
+++ crypto/openssl/crypto/asn1/tasn_dec.c (working copy)
@@ -125,23 +125,16 @@ unsigned long ASN1_tag2bit(int tag)
ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval,
const unsigned char **in, long len, const ASN1_ITEM *it)
-{
+ {
ASN1_TLC c;
ASN1_VALUE *ptmpval = NULL;
+ if (!pval)
+ pval = &ptmpval;
c.valid = 0;
- if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE)
- ptmpval = *pval;
-
- if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) {
- if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) {
- if (*pval)
- ASN1_item_free(*pval, it);
- *pval = ptmpval;
- }
- return ptmpval;
+ if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
+ return *pval;
+ return NULL;
}
- return NULL;
-}
int ASN1_template_d2i(ASN1_VALUE **pval,
const unsigned char **in, long len, const ASN1_TEMPLATE *tt)
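Review bot: the `-{` / `+ {` pair at the top and the `-}` / `}` pair at the bottom of this hunk are whitespace-only re-indentation of the function braces; drop them so the errata contains only the functional change and the new body can be compared by eye against the released OpenSSL ASN1_item_d2i() that the revision history says this reverts to. Functionally, the new code points `pval` at the local `ptmpval` when the caller passes NULL and otherwise hands the caller's `*pval` straight to ASN1_item_ex_d2i(), dropping the v1.0 logic that freed `*pval` with ASN1_item_free() and replaced it on success; that free-and-replace path is exactly the part that did not ship upstream, so a one-line note in the advisory tying this hunk to the v1.1 revision entry would help reviewers of the diff.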
Index: crypto/openssl/crypto/ec/ec_asn1.c
===================================================================
--- crypto/openssl/crypto/ec/ec_asn1.c (revision 280272)
+++ crypto/openssl/crypto/ec/ec_asn1.c (working copy)
@@ -1126,8 +1126,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigne
ERR_R_MALLOC_FAILURE);
goto err;
}
- if (a)
- *a = ret;
}
else
ret = *a;
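Review bot: removing `if (a) *a = ret;` from the allocation branch is the core of the fix: with the caller's `*a` assigned before the key is decoded, a decode failure freed `ret` in the `err:` block while `*a` still pointed at it, leaving the caller a dangling EC_KEY to free again (the d2i_ECPrivateKey() use-after-free the revision history lists as CVE-2015-0209). Deferring the assignment to the success path in the next hunk is the right shape; the advisory should say which CVE each errata hunk addresses, since the revision history names CVE-2015-0209 and CVE-2015-0288 only collectively.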
@@ -1192,11 +1190,13 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigne
}
}
+ if (a)
+ *a = ret;
ok = 1;
err:
if (!ok)
{
- if (ret)
+ if (ret && (a == NULL || *a != ret))
EC_KEY_free(ret);
ret = NULL;
}
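Review bot: the new error-path condition `if (ret && (a == NULL || *a != ret))` frees `ret` only when it was allocated inside this function and leaves a caller-supplied `*a` untouched, but `ret = NULL;` still follows in both cases, so on failure a caller that passed an existing key gets NULL back while `*a` stays valid and remains the caller's to free. That is the intended ownership rule, but it is easy to misread next to the `if (!ok)` block; add a short comment stating that `*a` is written only on success and never freed on failure, so a future edit does not reintroduce the early assignment this errata removes.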
Index: crypto/openssl/crypto/x509/x509_req.c
===================================================================
--- crypto/openssl/crypto/x509/x509_req.c (revision 280272)
+++ crypto/openssl/crypto/x509/x509_req.c (working copy)
@@ -91,6 +91,8 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey
goto err;
pktmp = X509_get_pubkey(x);
+ if (pktmp == NULL)
+ goto err;
i=X509_REQ_set_pubkey(ret,pktmp);
EVP_PKEY_free(pktmp);
if (!i) goto err;
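Review bot: the NULL check on X509_get_pubkey() closes the NULL dereference of `pktmp` inside X509_REQ_set_pubkey() for a certificate whose public key cannot be decoded (CVE-2015-0288 in the revision history). One small point: `goto err` here relies on X509_get_pubkey() having already queued an error reason; if it can return NULL without one, consider pushing an explicit X509err() before the jump so callers of X509_to_X509_REQ() can see why the request could not be built rather than getting a bare NULL.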


@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.2 (FreeBSD)
iQIcBAABCgAGBQJVC8nLAAoJEO1n7NZdz2rntVsP/Am0uqGCczvjo7Osj/Arpqs2
/qMFqlmp8YpUOqOP4Nw/4JNcODry6pJOzK8jff0aDhVQn3vPMnNWhsYDAipG8p3e
2vQHgOkgBEO4o4qXxk2cmJzi/vH3lQ/71D8SpiNnX9+RkXjEYOSTBgjFiM7n1Scq
nfsT4HRd3n6Pggo0Gicf02ToCV409oktExqt8CUBVtYwP22RUi4Jv/zoUiVjNTDW
XxdZemsGvEvt7xVKBVjddfbKR0GxZ4zR7KqEBdqoqvntVGZtyGaOpHa82XMd3EFL
2KVqVNVjChtkchU8f4elU9nvWFeiUuw7t2cPIRSFsd0iieGH3dMmiyBFhr4YXvSg
3uRR55vOP0PElI1sSSKqcLq8cpmXKaKNDh/xuAqllPz2IdSuzVVCdmqN+0ShC30X
bPgBxqYg3MIj8/zCgWqcqoOhX8ZPQ1GdvU7Sua6PxNKujRNf4QDVMlRNM/RNOWPs
rmO3wRiBcsejpxayV0L3SGaCHqECxP+UkwCMcSi70LtzMQImbrevQny+1xXcP5Rm
wB8Use66LbV4pFoXsVrIpENa4rXacI+4fLsey9Dm1z5vRFyQtZkeFcQAgucV5La7
1RJR2aS7Q4kj8ERY/T+0z519ud5SEnV4m80K9xr4O0Y2nRuiIp06z4NxEzhDKOAW
hz9hMkj+pNrSBxvbZxUn
=htPX
-----END PGP SIGNATURE-----


@ -0,0 +1,74 @@
Index: crypto/openssl/crypto/asn1/tasn_dec.c
===================================================================
--- crypto/openssl/crypto/asn1/tasn_dec.c (revision 280272)
+++ crypto/openssl/crypto/asn1/tasn_dec.c (working copy)
@@ -127,22 +127,16 @@ unsigned long ASN1_tag2bit(int tag)
ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval,
const unsigned char **in, long len, const ASN1_ITEM *it)
-{
+ {
ASN1_TLC c;
ASN1_VALUE *ptmpval = NULL;
+ if (!pval)
+ pval = &ptmpval;
asn1_tlc_clear_nc(&c);
- if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE)
- ptmpval = *pval;
- if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) {
- if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) {
- if (*pval)
- ASN1_item_free(*pval, it);
- *pval = ptmpval;
- }
- return ptmpval;
+ if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
+ return *pval;
+ return NULL;
}
- return NULL;
-}
int ASN1_template_d2i(ASN1_VALUE **pval,
const unsigned char **in, long len, const ASN1_TEMPLATE *tt)
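Review bot: this is the same three-file change as the other errata patch, differing only in line offsets and in the `asn1_tlc_clear_nc(&c);` context line in place of `c.valid = 0;`, and the whitespace-only brace re-indentation (`-{` / `+ {`, `-}`) is carried over here as well; drop it from both files. Since both errata files carry the same base revision in their Index headers while targeting different OpenSSL versions, run `patch --dry-run` against each branch before publishing: a hunk offset mismatch here would silently leave the CVE-2015-0209 or CVE-2015-0288 fix out of one branch.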
Index: crypto/openssl/crypto/ec/ec_asn1.c
===================================================================
--- crypto/openssl/crypto/ec/ec_asn1.c (revision 280272)
+++ crypto/openssl/crypto/ec/ec_asn1.c (working copy)
@@ -1142,8 +1142,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigne
ERR_R_MALLOC_FAILURE);
goto err;
}
- if (a)
- *a = ret;
}
else
ret = *a;
@@ -1225,11 +1223,13 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigne
ret->enc_flag |= EC_PKEY_NO_PUBKEY;
}
+ if (a)
+ *a = ret;
ok = 1;
err:
if (!ok)
{
- if (ret)
+ if (ret && (a == NULL || *a != ret))
EC_KEY_free(ret);
ret = NULL;
}
Index: crypto/openssl/crypto/x509/x509_req.c
===================================================================
--- crypto/openssl/crypto/x509/x509_req.c (revision 280272)
+++ crypto/openssl/crypto/x509/x509_req.c (working copy)
@@ -92,6 +92,8 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey
goto err;
pktmp = X509_get_pubkey(x);
+ if (pktmp == NULL)
+ goto err;
i=X509_REQ_set_pubkey(ret,pktmp);
EVP_PKEY_free(pktmp);
if (!i) goto err;


@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.2 (FreeBSD)
=dKQ8
-----END PGP SIGNATURE-----