openssl: add patch for CVE-2010-0740 ("Record of death") vulnerability
authorJo-Philipp Wich <jow@openwrt.org>
Mon, 29 Mar 2010 23:14:47 +0000 (23:14 +0000)
committerJo-Philipp Wich <jow@openwrt.org>
Mon, 29 Mar 2010 23:14:47 +0000 (23:14 +0000)
SVN-Revision: 20592

package/openssl/Makefile
package/openssl/patches/400-cve-2010-0740.patch [new file with mode: 0644]

index e7a74905fd00b950f5078f4362430c6e4b499fa8..9f80a98f3982c2ecb8e90fdc2ddf655fe06b556a 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openssl
 PKG_VERSION:=0.9.8m
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.openssl.org/source/ \
diff --git a/package/openssl/patches/400-cve-2010-0740.patch b/package/openssl/patches/400-cve-2010-0740.patch
new file mode 100644 (file)
index 0000000..4c893eb
--- /dev/null
@@ -0,0 +1,15 @@
+--- a/ssl/s3_pkt.c
++++ b/ssl/s3_pkt.c
+@@ -291,9 +291,9 @@ again:
+                       if (version != s->version)
+                               {
+                               SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
+-                              /* Send back error using their
+-                               * version number :-) */
+-                              s->version=version;
++                                if ((s->version & 0xFF00) == (version & 0xFF00))
++                                      /* Send back error using their minor version number :-) */
++                                      s->version = (unsigned short)version;
+                               al=SSL_AD_PROTOCOL_VERSION;
+                               goto f_err;
+                               }
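Review bot: The added `if ((s->version & 0xFF00) == (version & 0xFF00))` guards a single assignment without braces, and a comment sits between the condition and the statement, so a statement added later would run unconditionally before `goto f_err`. Bracing the assignment in the file's existing style would make the guarded scope explicit. The comment says what the branch does but not why the check exists; something like `/* Only adopt the peer's version when its major byte matches ours; otherwise keep s->version for the alert */` would record the intent of the fix. The three added lines also appear to be indented with spaces where the surrounding context looks tab-indented, and the patch file has no header naming the upstream source of the change. The enclosing function begins and ends outside this hunk, so how `s->version` is used after `f_err` cannot be checked from here.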