svn commit: r356535 - in head/security/gnutls: . files
Cy Schubert
cy at FreeBSD.org
Wed Jun 4 18:51:20 UTC 2014
Author: cy
Date: Wed Jun 4 18:51:20 2014
New Revision: 356535
URL: http://svnweb.freebsd.org/changeset/ports/356535
QAT: https://qat.redports.org/buildarchive/r356535/
Log:
Patch CVE-2014-3466 to prevent memory corruption due to server hello parsing.
Obtained from: https://gitorious.org/gnutls/gnutls/commit/688ea6428a432c39203d00acd1af0e7684e5ddfd
Security: CVE-2014-3466, 9733c480-ebff-11e3-970b-206a8a720317
Added:
head/security/gnutls/files/patch-lib-gnutls_handshake.c (contents, props changed)
Modified:
head/security/gnutls/Makefile
Modified: head/security/gnutls/Makefile
==============================================================================
--- head/security/gnutls/Makefile Wed Jun 4 18:50:52 2014 (r356534)
+++ head/security/gnutls/Makefile Wed Jun 4 18:51:20 2014 (r356535)
@@ -3,7 +3,7 @@
PORTNAME= gnutls
PORTVERSION= 2.12.23
-PORTREVISION= 5
+PORTREVISION= 6
CATEGORIES= security net
MASTER_SITES= \
ftp://ftp.gnutls.org/gcrypt/gnutls/v${PORTVERSION:C/.[0-9]+$//}/ \
Added: head/security/gnutls/files/patch-lib-gnutls_handshake.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/gnutls/files/patch-lib-gnutls_handshake.c Wed Jun 4 18:51:20 2014 (r356535)
@@ -0,0 +1,11 @@
+--- lib/gnutls_handshake.c.orig 2012-11-03 06:03:47.000000000 -0700
++++ lib/gnutls_handshake.c 2014-06-04 07:55:49.138570114 -0700
+@@ -1797,7 +1797,7 @@
+ DECR_LEN (len, 1);
+ session_id_len = data[pos++];
+
+- if (len < session_id_len)
++ if (len < session_id_len || session_id_len > TLS_MAX_SESSION_ID_SIZE)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
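Review bot: In the new condition `if (len < session_id_len || session_id_len > TLS_MAX_SESSION_ID_SIZE)`, an oversized session ID takes the same branch as a short record and returns GNUTLS_E_UNSUPPORTED_VERSION_PACKET, which reports a length violation as a version problem. Consider splitting the two cases, or returning a length-specific code such as GNUTLS_E_UNEXPECTED_PACKET_LENGTH for the new bound, so that logs distinguish a malformed server hello from a version mismatch. The added patch file also has no header comment; a line naming CVE-2014-3466 and the upstream commit it was obtained from would keep the provenance with the file rather than only in the commit log.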