rpms/openssl/devel openssl-0.9.8b-cve-2006-2940.patch, 1.1, 1.2 openssl.spec, 1.85, 1.86

fedora-cvs-commits at redhat.com
Mon Oct 2 08:38:01 UTC 2006


Author: tmraz

Update of /cvs/dist/rpms/openssl/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv15152

Modified Files:
	openssl-0.9.8b-cve-2006-2940.patch openssl.spec 
Log Message:
* Mon Oct  2 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8b-8
- CVE-2006-2940 fix was incorrect (#208744)


openssl-0.9.8b-cve-2006-2940.patch:
 dh/dh.h        |    3 +++
 dh/dh_err.c    |    1 +
 dh/dh_key.c    |    6 ++++++
 dsa/dsa.h      |    4 ++++
 dsa/dsa_err.c  |    2 ++
 dsa/dsa_ossl.c |   12 ++++++++++++
 rsa/rsa.h      |    6 ++++++
 rsa/rsa_eay.c  |   44 ++++++++++++++++++++++++++++++++++++++++++++
 rsa/rsa_err.c  |    1 +
 9 files changed, 79 insertions(+)

Index: openssl-0.9.8b-cve-2006-2940.patch
===================================================================
RCS file: /cvs/dist/rpms/openssl/devel/openssl-0.9.8b-cve-2006-2940.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- openssl-0.9.8b-cve-2006-2940.patch	28 Sep 2006 19:58:49 -0000	1.1
+++ openssl-0.9.8b-cve-2006-2940.patch	2 Oct 2006 08:37:59 -0000	1.2
@@ -53,7 +53,7 @@
 +	if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
 +		{
 +		DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
-+		goto err;
++		return -1;
 +		}
 +
  	ctx = BN_CTX_new();
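
Review bot: The `return -1;` in the `BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS` branch is only safe because the check sits above `ctx = BN_CTX_new();`, and nothing in the patch records that dependency. The `goto err` it replaces would have reached the cleanup code before `ctx` was assigned, so please add a one-line comment on this branch saying that nothing has been allocated yet. That keeps a later edit from moving the check below the allocation (leaking `ctx`) or from restoring the jump. The diffstat also lists size checks added in dsa/dsa_ossl.c and rsa/rsa_eay.c, which this revision does not touch. It is worth confirming that none of them jumps to a cleanup label ahead of its own allocations.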


Index: openssl.spec
===================================================================
RCS file: /cvs/dist/rpms/openssl/devel/openssl.spec,v
retrieving revision 1.85
retrieving revision 1.86
diff -u -r1.85 -r1.86
--- openssl.spec	28 Sep 2006 19:59:16 -0000	1.85
+++ openssl.spec	2 Oct 2006 08:37:59 -0000	1.86
@@ -21,7 +21,7 @@
 Summary: The OpenSSL toolkit
 Name: openssl
 Version: 0.9.8b
-Release: 7
+Release: 8
 Source: openssl-%{version}-usa.tar.bz2
 Source1: hobble-openssl
 Source2: Makefile.certificate
@@ -363,6 +363,9 @@
 %postun -p /sbin/ldconfig
 
 %changelog
+* Mon Oct  2 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8b-8
+- CVE-2006-2940 fix was incorrect (#208744)
+
 * Mon Sep 25 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8b-7
 - fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)
 - fix CVE-2006-2940 - parasitic public keys DoS (#207274)
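
Review bot: The added changelog entry "CVE-2006-2940 fix was incorrect (#208744)" does not say what was wrong with the 0.9.8b-7 fix or which part of it changed. Name the change in the entry itself, for example that the DH modulus size check now returns -1 instead of jumping to err. Someone reading the package history without access to bug #208744 can then tell what release 7 got wrong and whether they need release 8.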



