mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-19 19:59:43 +00:00
Patch CVE-2014-3466 to prevent memory corruption due to server hello parsing.
Obtained from: 688ea6428a
Security: CVE-2014-3466, 9733c480-ebff-11e3-970b-206a8a720317
This commit is contained in:
parent
42945633eb
commit
8887883116
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=356535
@ -3,7 +3,7 @@
|
||||
|
||||
PORTNAME= gnutls
|
||||
PORTVERSION= 2.12.23
|
||||
PORTREVISION= 5
|
||||
PORTREVISION= 6
|
||||
CATEGORIES= security net
|
||||
MASTER_SITES= \
|
||||
ftp://ftp.gnutls.org/gcrypt/gnutls/v${PORTVERSION:C/.[0-9]+$//}/ \
|
||||
|
11
security/gnutls/files/patch-lib-gnutls_handshake.c
Normal file
11
security/gnutls/files/patch-lib-gnutls_handshake.c
Normal file
@ -0,0 +1,11 @@
|
||||
--- lib/gnutls_handshake.c.orig 2012-11-03 06:03:47.000000000 -0700
|
||||
+++ lib/gnutls_handshake.c 2014-06-04 07:55:49.138570114 -0700
|
||||
@@ -1797,7 +1797,7 @@
|
||||
DECR_LEN (len, 1);
|
||||
session_id_len = data[pos++];
|
||||
|
||||
- if (len < session_id_len)
|
||||
+ if (len < session_id_len || session_id_len > TLS_MAX_SESSION_ID_SIZE)
|
||||
{
|
||||
gnutls_assert ();
|
||||
return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
|
Loading…
Reference in New Issue
Block a user