Fix CVE-2013-6449 Kurt Roeckx 10 years ago
3 changed file(s) with 90 addition(s) and 0 deletion(s).
0 openssl (1.0.1e-2+deb7u1) stable-security; urgency=medium
1
2 * Fix CVE-2013-6449 (Closes: #732754)
3
4 -- Kurt Roeckx <kurt@roeckx.be> Mon, 23 Dec 2013 15:47:52 +0100
5
06 openssl (1.0.1e-2) unstable; urgency=high
17
28 * Bump shlibs. It's needed for the udeb.
0 Author: Dr. Stephen Henson <steve@openssl.org>
1 Date: Thu Dec 19 14:37:39 2013 +0000
2 Subject: Fix CVE-2013-6449
3
4 This is a combination of upstream commits:
5 0294b2be5f4c11e60620c0018674ff0e17b14238
6 ca989269a2876bae79393bd54c3e72d49975fc75
7
8 diff --git a/ssl/s3_both.c b/ssl/s3_both.c
9 index ead01c8..1e5dcab 100644
10 --- a/ssl/s3_both.c
11 +++ b/ssl/s3_both.c
12 @@ -161,6 +161,8 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
13
14 i=s->method->ssl3_enc->final_finish_mac(s,
15 sender,slen,s->s3->tmp.finish_md);
16 + if (i == 0)
17 + return 0;
18 s->s3->tmp.finish_md_len = i;
19 memcpy(p, s->s3->tmp.finish_md, i);
20 p+=i;
21 diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
22 index 804291e..c4bc4e7 100644
23 --- a/ssl/s3_pkt.c
24 +++ b/ssl/s3_pkt.c
25 @@ -1459,8 +1459,14 @@ int ssl3_do_change_cipher_spec(SSL *s)
26 slen=s->method->ssl3_enc->client_finished_label_len;
27 }
28
29 - s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
30 + i = s->method->ssl3_enc->final_finish_mac(s,
31 sender,slen,s->s3->tmp.peer_finish_md);
32 + if (i == 0)
33 + {
34 + SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
35 + return 0;
36 + }
37 + s->s3->tmp.peer_finish_md_len = i;
38
39 return(1);
40 }
41 diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
42 index 809ad2e..72015f5 100644
43 --- a/ssl/t1_enc.c
44 +++ b/ssl/t1_enc.c
45 @@ -915,18 +915,19 @@ int tls1_final_finish_mac(SSL *s,
46 if (mask & ssl_get_algorithm2(s))
47 {
48 int hashsize = EVP_MD_size(md);
49 - if (hashsize < 0 || hashsize > (int)(sizeof buf - (size_t)(q-buf)))
50 + EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
51 + if (!hdgst || hashsize < 0 || hashsize > (int)(sizeof buf - (size_t)(q-buf)))
52 {
53 /* internal error: 'buf' is too small for this cipersuite! */
54 err = 1;
55 }
56 else
57 {
58 - EVP_MD_CTX_copy_ex(&ctx,s->s3->handshake_dgst[idx]);
59 - EVP_DigestFinal_ex(&ctx,q,&i);
60 - if (i != (unsigned int)hashsize) /* can't really happen */
61 + if (!EVP_MD_CTX_copy_ex(&ctx, hdgst) ||
62 + !EVP_DigestFinal_ex(&ctx,q,&i) ||
63 + (i != (unsigned int)hashsize))
64 err = 1;
65 - q+=i;
66 + q+=hashsize;
67 }
68 }
69 }
70 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
71 index bf832bb..c4ef273 100644
72 --- a/ssl/s3_lib.c
73 +++ b/ssl/s3_lib.c
74 @@ -4286,7 +4286,7 @@ need to go to SSL_ST_ACCEPT.
75 long ssl_get_algorithm2(SSL *s)
76 {
77 long alg2 = s->s3->tmp.new_cipher->algorithm2;
78 - if (TLS1_get_version(s) >= TLS1_2_VERSION &&
79 + if (s->method->version == TLS1_2_VERSION &&
80 alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
81 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
82 return alg2;
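Review bot: The new failure path in ssl3_send_finished (s3_both.c hunk) returns 0 without queuing an error, whereas the same check in ssl3_do_change_cipher_spec (s3_pkt.c hunk) records ERR_R_INTERNAL_ERROR via SSLerr, so a handshake aborted here leaves nothing in the error queue to explain it. An SSLerr call before `return 0;` would make the two paths consistent; the function code to use is not visible on this page. Because `i` goes straight into `memcpy(p, s->s3->tmp.finish_md, i)` as the length, `if (i <= 0)` would be the more defensive guard, although nothing shown here suggests final_finish_mac returns a negative value. In the t1_enc.c hunk the comment about 'buf' being too small now also covers a NULL `hdgst` and could say so, e.g. `/* internal error: no handshake digest, or 'buf' too small for this ciphersuite */`. All of these functions start and end outside their hunks.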
3535 aesni-mac.patch
3636 dtls_version.patch
3737 get_certificate.patch
38 CVE-2013-6449.patch