Hello community, here is the log from the commit of package openssl checked in at Thu Jun 5 17:54:23 CEST 2008. -------- --- openssl/openssl.changes 2008-05-21 20:49:38.000000000 +0200 +++ /mounts/work_src_done/STABLE/openssl/openssl.changes 2008-05-28 15:04:16.000000000 +0200 @@ -1,0 +2,7 @@ +Wed May 28 15:04:08 CEST 2008 - mkoenig@suse.de + +- fix OpenSSL Server Name extension crash (CVE-2008-0891) + and OpenSSL Omit Server Key Exchange message crash (CVE-2008-1672) + [bnc#394317] + +------------------------------------------------------------------- New: ---- openssl-CVE-2008-0891.patch openssl-CVE-2008-1672.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openssl.spec ++++++ --- /var/tmp/diff_new_pack.c10489/_old 2008-06-05 17:49:55.000000000 +0200 +++ /var/tmp/diff_new_pack.c10489/_new 2008-06-05 17:49:55.000000000 +0200 @@ -20,7 +20,7 @@ Provides: ssl AutoReqProv: on Version: 0.9.8g -Release: 43 +Release: 46 Summary: Secure Sockets and Transport Layer Security Url: http://www.openssl.org/ Source: http://www.%{name}.org/source/%{name}-%{version}.tar.bz2 @@ -38,6 +38,8 @@ Patch6: openssl-0.9.8a.ca-app-segfault.bug128655.dif Patch7: bswap.diff Patch8: openssl-0.9.8g-fix_dh_for_certain_moduli.patch +Patch9: openssl-CVE-2008-0891.patch +Patch10: openssl-CVE-2008-1672.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -198,6 +200,8 @@ %patch6 -p1 %patch7 %patch8 -p1 +%patch9 +%patch10 cp -p %{S:10} . cp -p %{S:20} certs/ cp -p %{S:21} certs/ @@ -413,6 +417,10 @@ %{ssletcdir}/certs %changelog +* Wed May 28 2008 mkoenig@suse.de +- fix OpenSSL Server Name extension crash (CVE-2008-0891) + and OpenSSL Omit Server Key Exchange message crash (CVE-2008-1672) + [bnc#394317] * Wed May 21 2008 cthiel@suse.de - fix baselibs.conf * Tue Apr 22 2008 mkoenig@suse.de ++++++ openssl-CVE-2008-0891.patch ++++++ Index: ssl/t1_lib.c =================================================================== RCS file: /e/openssl/cvs/openssl/ssl/t1_lib.c,v retrieving revision 1.13.2.8 diff -u -r1.13.2.8 t1_lib.c --- ssl/t1_lib.c 18 Oct 2007 11:39:11 -0000 1.13.2.8 +++ ssl/t1_lib.c 18 Mar 2008 12:06:58 -0000 @@ -381,6 +381,7 @@ s->session->tlsext_hostname[len]='\0'; if (strlen(s->session->tlsext_hostname) != len) { OPENSSL_free(s->session->tlsext_hostname); + s->session->tlsext_hostname = NULL; *al = TLS1_AD_UNRECOGNIZED_NAME; return 0; } ++++++ openssl-CVE-2008-1672.patch ++++++ Index: ssl/s3_clnt.c =================================================================== RCS file: /e/openssl/cvs/openssl/ssl/s3_clnt.c,v retrieving revision 1.88.2.12 diff -u -r1.88.2.12 s3_clnt.c --- ssl/s3_clnt.c 3 Nov 2007 13:07:39 -0000 1.88.2.12 +++ ssl/s3_clnt.c 22 May 2008 09:19:30 -0000 @@ -2061,6 +2061,13 @@ { DH *dh_srvr,*dh_clnt; + if (s->session->sess_cert == NULL) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE); + goto err; + } + if (s->session->sess_cert->peer_dh_tmp != NULL) dh_srvr=s->session->sess_cert->peer_dh_tmp; else ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org