Hello community, here is the log from the commit of package wget for openSUSE:Factory checked in at Thu Aug 13 17:41:51 CEST 2009. -------- --- wget/wget.changes 2008-09-01 19:28:42.000000000 +0200 +++ wget/wget.changes 2009-08-13 12:19:45.000000000 +0200 @@ -1,0 +2,6 @@ +Tue Aug 11 15:03:51 CEST 2009 - max@suse.de + +- Fix vulnerability against SSL certificates with a zero byte in + the common name field (wget-nullcerts.patch, bnc#528298). + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- wget-nullcerts.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ wget.spec ++++++ --- /var/tmp/diff_new_pack.qh0gkr/_old 2009-08-13 17:39:45.000000000 +0200 +++ /var/tmp/diff_new_pack.qh0gkr/_new 2009-08-13 17:39:45.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package wget (Version 1.11.4) # -# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -25,10 +25,11 @@ Group: Productivity/Networking/Web/Utilities AutoReqProv: on Version: 1.11.4 -Release: 1 +Release: 7 Summary: A Tool for Mirroring FTP and HTTP Servers Source: %name-%version.tar.bz2 Patch1: wgetrc.patch +Patch2: wget-nullcerts.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: %install_info_prereq @@ -45,6 +46,7 @@ %prep %setup -q %patch1 +%patch2 %build ./autogen.sh ++++++ wget-nullcerts.patch ++++++ --- src/openssl.c +++ src/openssl.c @@ -481,6 +481,7 @@ { X509 *cert; char common_name[256]; + int len1, len2; long vresult; bool success = true; 
@@ -562,9 +563,34 @@ UTF-8 which can be meaningfully compared to HOST. */ common_name[0] = '\0'; - X509_NAME_get_text_by_NID (X509_get_subject_name (cert), - NID_commonName, common_name, sizeof (common_name)); - if (!pattern_match (common_name, host)) + len1 = X509_NAME_get_text_by_NID (X509_get_subject_name (cert), + NID_commonName, NULL, 0); + len2 = X509_NAME_get_text_by_NID (X509_get_subject_name (cert), + NID_commonName, common_name, + sizeof(common_name)); + if (len1 < 0 || len2 < 0) + { + logprintf (LOG_NOTQUIET, _("\ +%s: certificate has no common name.\n"), + severity); + success = false; + } + if (len1 != len2) + { + logprintf (LOG_NOTQUIET, _("\ +%s: certificate common name is %d bytes long, maximum allowed is %d.\n"), + severity, len1, sizeof(common_name)-1); + success = false; + } + else if (len2 != strlen(common_name)) + { + logprintf (LOG_NOTQUIET, _("\ +%s: certificate common name contains a NULL character: '%s\\0%s'.\n"), + severity, escnonprint (common_name), + escnonprint (common_name + strlen(common_name)+1)); + success = false; + } + else if (!pattern_match (common_name, host)) { logprintf (LOG_NOTQUIET, _("\ %s: certificate common name `%s' doesn't match requested host name `%s'.\n"), ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
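Review bot: in the second hunk of wget-nullcerts.patch, the `if (len1 < 0 || len2 < 0)` branch sets `success = false` but does not skip the checks that follow, so the no-common-name case falls through: with both lengths -1, `len1 != len2` is false and the chain reaches `else if (len2 != strlen(common_name))`, which is true because `common_name` is empty, so the user gets a misleading "contains a NULL character" message and `escnonprint (common_name + strlen(common_name)+1)` reads from `common_name[1]` onward, which this function never initialised (only `common_name[0]` is set). Making the `if (len1 != len2)` an `else if` (or returning right after the no-common-name diagnostic) keeps the three diagnostics mutually exclusive. Minor: `sizeof(common_name)-1` is a `size_t` printed with `%d`, and `len2 != strlen(common_name)` compares `int` with `size_t`; casting `len2` to `size_t` once it is known to be non-negative avoids the format and sign-compare warnings.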