Fix OCSP stapling parse error (CVE-2011-0014) Kurt Roeckx 13 years ago
3 changed file(s) with 34 addition(s) and 0 deletion(s).
0 openssl (0.9.8o-4squeeze1) unstable; urgency=low
1
2 * Fix OCSP stapling parse error (CVE-2011-0014)
3
4 -- Kurt Roeckx <kurt@roeckx.be> Thu, 10 Feb 2011 19:06:09 +0100
5
06 openssl (0.9.8o-4) unstable; urgency=low
17
28 * Fix CVE-2010-4180 (Closes: #529221)
0 --- a/ssl/t1_lib.c 25 Nov 2010 12:28:28 -0000 1.64.2.17
1 +++ b/ssl/t1_lib.c 8 Feb 2011 00:00:00 -0000
2 @@ -917,6 +917,7 @@
3 }
4 n2s(data, idsize);
5 dsize -= 2 + idsize;
6 + size -= 2 + idsize;
7 if (dsize < 0)
8 {
9 *al = SSL_AD_DECODE_ERROR;
10 @@ -955,9 +956,14 @@
11 }
12
13 /* Read in request_extensions */
14 + if (size < 2)
15 + {
16 + *al = SSL_AD_DECODE_ERROR;
17 + return 0;
18 + }
19 n2s(data,dsize);
20 size -= 2;
21 - if (dsize > size)
22 + if (dsize != size)
23 {
24 *al = SSL_AD_DECODE_ERROR;
25 return 0;
26
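Review bot: The new `size -= 2 + idsize;` in the first hunk runs before the `if (dsize < 0)` check, so whether `size` can drop below zero (or wrap, if it is unsigned) depends on an earlier bound of `dsize` against `size` that is not visible in the hunk context, and nothing in the code says so. A short comment at the decrement would make the invariant explicit, for example `/* size = bytes left in this extension; dsize was bounded by size above, so this cannot underflow once dsize >= 0 */`, to be confirmed against the code above the hunk. The second hunk's `if (size < 2)` and `if (dsize != size)` checks are only meaningful if `size` stays in step with `data`, so a one-line comment there would help too: `/* request_extensions must fill the rest of the extension exactly */`. Both enclosing blocks start and end outside the hunks.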
2020 CVE-2010-2939.patch
2121 CVE-2010-3864.patch
2222 CVE-2010-4180.patch
23 CVE-2011-0014.patch