From nobody Thu Mar 30 14:36:41 2023 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PnQwT4xPlz41rgp; Thu, 30 Mar 2023 14:36:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PnQwT4RWlz3x2P; Thu, 30 Mar 2023 14:36:41 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1680187001; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Aj/oW1aFLincJRP+V/tzju+OhnpnTH0tHhsxwRJpKI8=; b=crl/zTFzcdl9szcpXRAtTlzGYSCex7W9cPuh3b1mEPD9tSvI7Go88fZ6spK6mftsCs+iO8 VFnQQ2NygS6ytpX2OJGtqEdrCI1yScsxI4xQ8w6/L4Zc2t8awjJUftSy2jm9LRl4azo+Dx H+0jDN+cTgZQzsa7Jp9CvEkGmCJoYFIS54e0Kn8m5GDXNW+SIzjvQGKD84oIENczcOwBVq pIGf7kbYBBwGmebLpXO79sxxBLMiTRfOwiIPimagtQerP5tmoPAhPUrMn+CSy0Dv84/HWt xDnfW5FRftV8rhP8J/AloPbLRL7btbo3slbkK0CNIhg+V8u3ZBLhcZbchFnVUg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1680187001; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Aj/oW1aFLincJRP+V/tzju+OhnpnTH0tHhsxwRJpKI8=; b=TglyNxxdpkh4R857zzEPFZCNaXoQFOVI1SxIC6xszODf1iZrRuCRnmleTgglQvGh8q/SO9 vrkpy0WYX0AZzGdRV+xij1qlaw4RWvQMbZafopAfvEF83puP+zQDWz3cX7MGCAsWFRsDtm GhituoW7x21RwAlO9PtV05jvkaah+M35SxbRk0uZqH6EsvGJdVcSYombEmMLhTWxSk+Mde +5M1fYPJOftIEaxkLJn9vbBJ3nyx3qrPiYO9Fu0hLZehuVOJ1q+3/ifQEQGRw/fqWC6x6d Jr482tZNUK30tTlpPyOyPwakc1bpjl+2g53eb981XoLV6kGc6oaTBexFTA57YQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1680187001; a=rsa-sha256; cv=none; b=RyIlwPoREeh8xjaSQjENNKWA/L1HGnzwhyl+D6U5IkP0v+TTMrOwqGIGhFH4JcEMgdWEiO wh2bP9qCBY+PX5yF/SUxNyLyeCFltmr5mMxrt6nvLmGy6KwMTGE2YlXDtho4uNe/cS6ITJ 0THXHzyw3vcIPAGuKvN+vXNy9ESincEzBROclFEI7e6JdhdQ4yZNKf4gIaFGlPuzd9qZrU mAERnm3NeqhH3yLCbb3eHTh/0pGpaywCFlr1MuiVZcmpm8M8WWlnGtoov+luIf8jRvuGhL ZevD8Lrx+Pe61FoaP/f44fsMCN2LWh6qVNqTr5Tm2q6iwqlcBgHuiLpW/a/A1A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PnQwT3Tr8zG0Q; Thu, 30 Mar 2023 14:36:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 32UEafI0078673; Thu, 30 Mar 2023 14:36:41 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 32UEaf21078672; Thu, 30 Mar 2023 14:36:41 GMT (envelope-from git) Date: Thu, 30 Mar 2023 14:36:41 GMT Message-Id: <202303301436.32UEaf21078672@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Bernard Spil Subject: git: 688531cd056e - main - security/openssl-quictls: Security update for CVE-2023-0465 & 0466 List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: brnrd X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 688531cd056e8a8ab8d63cb5239a99b0517c8f6e Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by brnrd: URL: https://cgit.FreeBSD.org/ports/commit/?id=688531cd056e8a8ab8d63cb5239a99b0517c8f6e commit 688531cd056e8a8ab8d63cb5239a99b0517c8f6e Author: Bernard Spil AuthorDate: 2023-03-30 14:35:35 +0000 Commit: Bernard Spil CommitDate: 2023-03-30 14:35:35 +0000 security/openssl-quictls: Security update for CVE-2023-0465 & 0466 Security: 425b9538-ce5f-11ed-ade3-d4c9ef517024 --- security/openssl-quictls/Makefile | 2 +- security/openssl-quictls/files/patch-CVE-2023-0464 | 75 ++++++++++++ security/openssl-quictls/files/patch-CVE-2023-0465 | 126 +++++++++++++++++++++ security/openssl-quictls/files/patch-CVE-2023-0466 | 91 +++++++++++++++ 4 files changed, 293 insertions(+), 1 deletion(-) diff --git a/security/openssl-quictls/Makefile b/security/openssl-quictls/Makefile index 9eea2e084a24..56153c991ced 100644 --- a/security/openssl-quictls/Makefile +++ b/security/openssl-quictls/Makefile @@ -1,6 +1,6 @@ PORTNAME= openssl PORTVERSION= 3.0.8 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security devel PKGNAMESUFFIX= -quictls diff --git a/security/openssl-quictls/files/patch-CVE-2023-0464 b/security/openssl-quictls/files/patch-CVE-2023-0464 index 2f5d8c90fed6..8f5518d1f191 100644 --- a/security/openssl-quictls/files/patch-CVE-2023-0464 +++ b/security/openssl-quictls/files/patch-CVE-2023-0464 @@ -216,3 +216,78 @@ index fa45da5117a1..f953a05a41a6 100644 return X509_PCY_TREE_INTERNAL; if (!(curr->flags & X509_V_FLAG_INHIBIT_ANY) +From 2389cdc9f74268a0d5164a998929ffe50102c0eb Mon Sep 17 00:00:00 2001 +From: Richard Levitte +Date: Tue, 7 Feb 2023 14:44:20 +0100 +Subject: [PATCH] Prepare for 3.0.9 + +Reviewed-by: Tomas Mraz +Release: yes +--- + CHANGES.md | 4 ++++ + NEWS.md | 4 ++++ + VERSION.dat | 4 ++-- + 3 files changed, 10 insertions(+), 2 deletions(-) + +diff --git a/CHANGES.md b/CHANGES.md +index 7cdd9d974536..0e4fdebfde4e 100644 +--- CHANGES.md.orig ++++ CHANGES.md +@@ -28,6 +28,10 @@ breaking changes, and mappings for the large list of deprecated functions. + + [Migration guide]: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod + ++### Changes between 3.0.8 and 3.0.9 [xx XXX xxxx] ++ ++ * none yet ++ + ### Changes between 3.0.7 and 3.0.8 [7 Feb 2023] + + * Fixed NULL dereference during PKCS7 data verification. +diff --git a/NEWS.md b/NEWS.md +index 36dbfa72f6d5..e7a23e908c1f 100644 +--- NEWS.md.orig ++++ NEWS.md +@@ -18,6 +18,10 @@ OpenSSL Releases + OpenSSL 3.0 + ----------- + ++### Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [under development] ++ ++ * none ++ + ### Major changes between OpenSSL 3.0.7 and OpenSSL 3.0.8 [7 Feb 2023] + + * Fixed NULL dereference during PKCS7 data verification ([CVE-2023-0401]) +From f8fe66e3f13350b527da871183b727e0fb9632ca Mon Sep 17 00:00:00 2001 +From: Pauli +Date: Wed, 15 Mar 2023 14:18:53 +1100 +Subject: [PATCH] changes: note about policy tree size limits and circumvention + +Reviewed-by: Tomas Mraz +Reviewed-by: Shane Lontis +(Merged from https://github.com/openssl/openssl/pull/20568) +--- + CHANGES.md | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/CHANGES.md b/CHANGES.md +index 2ba422c09a32..3eddb6f10e02 100644 +--- CHANGES.md.orig ++++ CHANGES.md +@@ -30,7 +30,14 @@ breaking changes, and mappings for the large list of deprecated functions. + + ### Changes between 3.0.8 and 3.0.9 [xx XXX xxxx] + +- * none yet ++ * Limited the number of nodes created in a policy tree to mitigate ++ against CVE-2023-0464. The default limit is set to 1000 nodes, which ++ should be sufficient for most installations. If required, the limit ++ can be adjusted by setting the OPENSSL_POLICY_TREE_NODES_MAX build ++ time define to a desired maximum number of nodes or zero to allow ++ unlimited growth. ++ ++ *Paul Dale* + + ### Changes between 3.0.7 and 3.0.8 [7 Feb 2023] + diff --git a/security/openssl-quictls/files/patch-CVE-2023-0465 b/security/openssl-quictls/files/patch-CVE-2023-0465 new file mode 100644 index 000000000000..bf1edbf2e618 --- /dev/null +++ b/security/openssl-quictls/files/patch-CVE-2023-0465 @@ -0,0 +1,126 @@ +From 9a1410bd393c594f852222392c36bc7895d82d57 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Thu, 23 Mar 2023 15:31:25 +0000 +Subject: [PATCH] Updated CHANGES.md and NEWS.md for CVE-2023-0465 + +Also updated the entries for CVE-2023-0464 + +Related-to: CVE-2023-0465 + +Reviewed-by: Hugo Landau +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/20587) +--- + CHANGES.md | 12 ++++++++++++ + NEWS.md | 6 +++++- + 2 files changed, 17 insertions(+), 1 deletion(-) + +diff --git a/CHANGES.md b/CHANGES.md +index 3eddb6f10e02..31cc6095cc3b 100644 +--- CHANGES.md.orig ++++ CHANGES.md +@@ -30,12 +30,22 @@ breaking changes, and mappings for the large list of deprecated functions. + + ### Changes between 3.0.8 and 3.0.9 [xx XXX xxxx] + ++ * Fixed an issue where invalid certificate policies in leaf certificates are ++ silently ignored by OpenSSL and other certificate policy checks are skipped ++ for that certificate. A malicious CA could use this to deliberately assert ++ invalid certificate policies in order to circumvent policy checking on the ++ certificate altogether. ++ ([CVE-2023-0465]) ++ ++ *Matt Caswell* ++ + * Limited the number of nodes created in a policy tree to mitigate + against CVE-2023-0464. The default limit is set to 1000 nodes, which + should be sufficient for most installations. If required, the limit + can be adjusted by setting the OPENSSL_POLICY_TREE_NODES_MAX build + time define to a desired maximum number of nodes or zero to allow + unlimited growth. ++ ([CVE-2023-0464]) + + *Paul Dale* + +@@ -19589,6 +19599,8 @@ ndif + + + ++[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 ++[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 + [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401 + [CVE-2023-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286 + [CVE-2023-0217]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0217 +diff --git a/NEWS.md b/NEWS.md +index c6e4926bd527..7fe2ff15d97e 100644 +--- NEWS.md.orig ++++ NEWS.md +@@ -20,7 +20,9 @@ OpenSSL 3.0 + + ### Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [under development] + +- * none ++ * Fixed handling of invalid certificate policies in leaf certificates ++ ([CVE-2023-0465]) ++ * Limited the number of nodes created in a policy tree ([CVE-2023-0464]) + + ### Major changes between OpenSSL 3.0.7 and OpenSSL 3.0.8 [7 Feb 2023] + +@@ -1434,6 +1436,8 @@ OpenSSL 0.9.x + * Support for various new platforms + + ++[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 ++[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 + [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401 + [CVE-2023-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286 + [CVE-2023-0217]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0217 +From 1dd43e0709fece299b15208f36cc7c76209ba0bb Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Tue, 7 Mar 2023 16:52:55 +0000 +Subject: [PATCH] Ensure that EXFLAG_INVALID_POLICY is checked even in leaf + certs + +Even though we check the leaf cert to confirm it is valid, we +later ignored the invalid flag and did not notice that the leaf +cert was bad. + +Fixes: CVE-2023-0465 + +Reviewed-by: Hugo Landau +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/20587) +--- + crypto/x509/x509_vfy.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c +index 9384f1da9bad..a0282c3ef121 100644 +--- crypto/x509/x509_vfy.c.orig ++++ crypto/x509/x509_vfy.c +@@ -1654,15 +1654,23 @@ static int check_policy(X509_STORE_CTX *ctx) + goto memerr; + /* Invalid or inconsistent extensions */ + if (ret == X509_PCY_TREE_INVALID) { +- int i; ++ int i, cbcalled = 0; + + /* Locate certificates with bad extensions and notify callback. */ +- for (i = 1; i < sk_X509_num(ctx->chain); i++) { ++ for (i = 0; i < sk_X509_num(ctx->chain); i++) { + X509 *x = sk_X509_value(ctx->chain, i); + ++ if ((x->ex_flags & EXFLAG_INVALID_POLICY) != 0) ++ cbcalled = 1; + CB_FAIL_IF((x->ex_flags & EXFLAG_INVALID_POLICY) != 0, + ctx, x, i, X509_V_ERR_INVALID_POLICY_EXTENSION); + } ++ if (!cbcalled) { ++ /* Should not be able to get here */ ++ ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR); ++ return 0; ++ } ++ /* The callback ignored the error so we return success */ + return 1; + } + if (ret == X509_PCY_TREE_FAILURE) { diff --git a/security/openssl-quictls/files/patch-CVE-2023-0466 b/security/openssl-quictls/files/patch-CVE-2023-0466 new file mode 100644 index 000000000000..9922f2afd95d --- /dev/null +++ b/security/openssl-quictls/files/patch-CVE-2023-0466 @@ -0,0 +1,91 @@ +From 51e8a84ce742db0f6c70510d0159dad8f7825908 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Tue, 21 Mar 2023 16:15:47 +0100 +Subject: [PATCH] Fix documentation of X509_VERIFY_PARAM_add0_policy() + +The function was incorrectly documented as enabling policy checking. + +Fixes: CVE-2023-0466 + +Reviewed-by: Matt Caswell +Reviewed-by: Paul Dale +(Merged from https://github.com/openssl/openssl/pull/20563) +--- + CHANGES.md | 8 ++++++++ + NEWS.md | 2 ++ + doc/man3/X509_VERIFY_PARAM_set_flags.pod | 9 +++++++-- + 3 files changed, 17 insertions(+), 2 deletions(-) + +diff --git a/CHANGES.md b/CHANGES.md +index 31cc6095cc3b..eb948e6b746b 100644 +--- CHANGES.md.orig ++++ CHANGES.md +@@ -30,6 +30,13 @@ breaking changes, and mappings for the large list of deprecated functions. + + ### Changes between 3.0.8 and 3.0.9 [xx XXX xxxx] + ++ * Corrected documentation of X509_VERIFY_PARAM_add0_policy() to mention ++ that it does not enable policy checking. Thanks to David Benjamin for ++ discovering this issue. ++ ([CVE-2023-0466]) ++ ++ *Tomáš Mráz* ++ + * Fixed an issue where invalid certificate policies in leaf certificates are + silently ignored by OpenSSL and other certificate policy checks are skipped + for that certificate. A malicious CA could use this to deliberately assert +@@ -19599,6 +19606,7 @@ ndif + + + ++[CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466 + [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 + [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 + [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401 +diff --git a/NEWS.md b/NEWS.md +index 7fe2ff15d97e..61f82603acbe 100644 +--- NEWS.md.orig ++++ NEWS.md +@@ -20,6 +20,7 @@ OpenSSL 3.0 + + ### Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [under development] + ++ * Fixed documentation of X509_VERIFY_PARAM_add0_policy() ([CVE-2023-0466]) + * Fixed handling of invalid certificate policies in leaf certificates + ([CVE-2023-0465]) + * Limited the number of nodes created in a policy tree ([CVE-2023-0464]) +@@ -1436,6 +1437,7 @@ OpenSSL 0.9.x + * Support for various new platforms + + ++[CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466 + [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 + [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 + [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401 +diff --git a/doc/man3/X509_VERIFY_PARAM_set_flags.pod b/doc/man3/X509_VERIFY_PARAM_set_flags.pod +index 75a167702296..43c1900bca78 100644 +--- doc/man3/X509_VERIFY_PARAM_set_flags.pod.orig ++++ doc/man3/X509_VERIFY_PARAM_set_flags.pod +@@ -98,8 +98,9 @@ B. + X509_VERIFY_PARAM_set_time() sets the verification time in B to + B. Normally the current time is used. + +-X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled +-by default) and adds B to the acceptable policy set. ++X509_VERIFY_PARAM_add0_policy() adds B to the acceptable policy set. ++Contrary to preexisting documentation of this function it does not enable ++policy checking. + + X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled + by default) and sets the acceptable policy set to B. Any existing +@@ -400,6 +401,10 @@ The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i. + The X509_VERIFY_PARAM_get0_host(), X509_VERIFY_PARAM_get0_email(), + and X509_VERIFY_PARAM_get1_ip_asc() functions were added in OpenSSL 3.0. + ++The function X509_VERIFY_PARAM_add0_policy() was historically documented as ++enabling policy checking however the implementation has never done this. ++The documentation was changed to align with the implementation. ++ + =head1 COPYRIGHT + + Copyright 2009-2023 The OpenSSL Project Authors. All Rights Reserved.