rpms/openssl/devel openssl-0.9.8b-cve-2006-2940.patch, 1.1, 1.2 openssl.spec, 1.85, 1.86
fedora-cvs-commits at redhat.com
Mon Oct 2 08:38:01 UTC 2006
Author: tmraz
Update of /cvs/dist/rpms/openssl/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv15152
Modified Files:
openssl-0.9.8b-cve-2006-2940.patch openssl.spec
Log Message:
* Mon Oct 2 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8b-8
- CVE-2006-2940 fix was incorrect (#208744)
openssl-0.9.8b-cve-2006-2940.patch:
dh/dh.h | 3 +++
dh/dh_err.c | 1 +
dh/dh_key.c | 6 ++++++
dsa/dsa.h | 4 ++++
dsa/dsa_err.c | 2 ++
dsa/dsa_ossl.c | 12 ++++++++++++
rsa/rsa.h | 6 ++++++
rsa/rsa_eay.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
rsa/rsa_err.c | 1 +
9 files changed, 79 insertions(+)
Index: openssl-0.9.8b-cve-2006-2940.patch
===================================================================
RCS file: /cvs/dist/rpms/openssl/devel/openssl-0.9.8b-cve-2006-2940.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- openssl-0.9.8b-cve-2006-2940.patch 28 Sep 2006 19:58:49 -0000 1.1
+++ openssl-0.9.8b-cve-2006-2940.patch 2 Oct 2006 08:37:59 -0000 1.2
@@ -53,7 +53,7 @@
+ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
+ {
+ DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
-+ goto err;
++ return -1;
+ }
+
ctx = BN_CTX_new();
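Review bot: at the `BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS` check, nothing in the patch or the log message records why the bail-out has to be a direct `return -1;` instead of `goto err;`. The check sits above `ctx = BN_CTX_new();`, so if the err label touches ctx it would do so before ctx is assigned; a one-line comment saying that would stop a later cleanup from restoring the goto. The diffstat also lists size checks added in dsa/dsa_ossl.c and rsa/rsa_eay.c that this revision leaves unchanged, so it is worth confirming that none of them jumps to a cleanup label ahead of its own allocations.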
Index: openssl.spec
===================================================================
RCS file: /cvs/dist/rpms/openssl/devel/openssl.spec,v
retrieving revision 1.85
retrieving revision 1.86
diff -u -r1.85 -r1.86
--- openssl.spec 28 Sep 2006 19:59:16 -0000 1.85
+++ openssl.spec 2 Oct 2006 08:37:59 -0000 1.86
@@ -21,7 +21,7 @@
Summary: The OpenSSL toolkit
Name: openssl
Version: 0.9.8b
-Release: 7
+Release: 8
Source: openssl-%{version}-usa.tar.bz2
Source1: hobble-openssl
Source2: Makefile.certificate
@@ -363,6 +363,9 @@
%postun -p /sbin/ldconfig
%changelog
+* Mon Oct 2 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8b-8
+- CVE-2006-2940 fix was incorrect (#208744)
+
* Mon Sep 25 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8b-7
- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)
- fix CVE-2006-2940 - parasitic public keys DoS (#207274)
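Review bot: the new changelog line "CVE-2006-2940 fix was incorrect (#208744)" does not say what was incorrect or which code path is affected, so a reader of the package changelog cannot tell whether 0.9.8b-7 left the issue unfixed or introduced a separate defect. Suggest naming the change, for example that the DH modulus-size check in the compute-key path now returns directly on error, and keeping the bug number.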