Commit 91c7a9f3 authored 2 years ago by J0WI
main/libretls: patch CVE-2022-0778
parent a4f69150
2 merge requests: !33638 wee3.15, !32088 [3.15] main/libretls: patch CVE-2022-0778
Showing 2 changed files with 61 additions and 1 deletion
main/libretls/APKBUILD: 7 additions, 1 deletion
main/libretls/CVE-2022-0778.patch: 54 additions, 0 deletions
main/libretls/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Ariadne Conill <ariadne@dereferenced.org>
pkgname
=
libretls
pkgver
=
3.3.4
pkgrel
=
2
pkgrel
=
3
pkgdesc
=
"port of libtls from libressl to openssl"
arch
=
"all"
url
=
"https://git.causal.agency/libretls/"
@@ -16,8 +16,13 @@ makedepends_build="$base_deps"
subpackages
=
"
$pkgname
-doc
$pkgname
-static
$pkgname
-dev"
source
=
"https://causal.agency/libretls/libretls-
$pkgver
.tar.gz
CVE-2022-0778.patch
test_program.c"
# secfixes:
# 3.3.4-r3:
# - CVE-2022-0778
prepare
()
{
default_prepare
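Review bot: the new `CVE-2022-0778.patch` entry in `source=` is applied by `default_prepare` in `prepare()`, but nothing in this APKBUILD applies what that file contains. Its diff header is `a/patches/bn_sqrt.patch` with `new file mode 100644`, so applying it only creates a file named `patches/bn_sqrt.patch` in the build tree, and the change to `crypto/bn/bn_sqrt.c` is nested one level down inside it. Since `pkgdesc` describes this package as a "port of libtls from libressl to openssl", please confirm that the libretls tarball ships `crypto/bn/bn_sqrt.c` and that its build applies the files under `patches/`. If it does not, the `# secfixes:` entry for 3.3.4-r3 records a fix that leaves the built code unchanged; if it does, carrying the inner hunk directly as the package patch would let `default_prepare` apply it to the source file.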
@@ -55,5 +60,6 @@ check() {
sha512sums
=
"
ae6f1b7bf9f61948e88ce87c93921b2b27652d85a95062f38abe7dfbb30d40c974c79b7d6faab43b3a987abff5e761b5c2a1982af8cc1511fb3136c580a0e3d6 libretls-3.3.4.tar.gz
e6371f3e2b071f9cd805562a81aa2a1e5cf141d3b8f05d03713deb9f4f13778fe1ec5c05a7a398bfe358442b5776e9905f4c9b78ec109a2c98c9f12473bb4ccf CVE-2022-0778.patch
71d36fe25c95a0a45497e3f699b01dddcaae9053dd1b1e2419df94272c47024cf6516c51c902129201061601b04a72551904b15a332a4cf53358983b5db73618 test_program.c
"
main/libretls/CVE-2022-0778.patch
0 → 100644
From 3a4ec28b238edf9d85759b7a3d78fd85e4d5aaef Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Sat, 12 Mar 2022 11:26:23 -0600
Subject: [PATCH] add infinite loop fix in BN_mod_sqrt
---
patches/bn_sqrt.patch | 38 ++++++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
create mode 100644 patches/bn_sqrt.patch
diff --git a/patches/bn_sqrt.patch b/patches/bn_sqrt.patch
new file mode 100644
index 000000000..495de3120
--- /dev/null
+++ b/patches/bn_sqrt.patch
@@ -0,0 +1,38 @@
+--- crypto/bn/bn_sqrt.c.orig Fri Feb 18 16:30:39 2022
++++ crypto/bn/bn_sqrt.c Sat Mar 12 11:23:53 2022
+@@ -351,21 +351,22 @@
+ goto vrfy;
+ }
+
+-
+- /* find smallest i such that b^(2^i) = 1 */
+- i = 1;
+- if (!BN_mod_sqr(t, b, p, ctx))
+- goto end;
+- while (!BN_is_one(t)) {
+- i++;
+- if (i == e) {
+- BNerror(BN_R_NOT_A_SQUARE);
+- goto end;
++ /* Find the smallest i with 0 < i < e such that b^(2^i) = 1. */
++ for (i = 1; i < e; i++) {
++ if (i == 1) {
++ if (!BN_mod_sqr(t, b, p, ctx))
++ goto end;
++ } else {
++ if (!BN_mod_sqr(t, t, p, ctx))
++ goto end;
+ }
+- if (!BN_mod_mul(t, t, t, p, ctx))
+- goto end;
++ if (BN_is_one(t))
++ break;
+ }
+-
++ if (i >= e) {
++ BNerror(BN_R_NOT_A_SQUARE);
++ goto end;
++ }
+
+ /* t := y^2^(e - i - 1) */
+ if (!BN_copy(t, y))
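Review bot: the patch header carries only the subject "add infinite loop fix in BN_mod_sqrt" followed directly by `---`, so nothing in the file ties it to CVE-2022-0778 or says why the removed loop could fail to terminate. A short body would help: in the removed `while (!BN_is_one(t))` loop the only exit besides t reaching one is `if (i == e)`, tested after `i++`, so if e is 1 on entry that equality is never true, whereas the added `for (i = 1; i < e; i++)` is bounded by e regardless of what t does. The `if (i == 1)` branch inside the new loop exists only to choose b or t as the operand of BN_mod_sqr; a one-line comment saying so would save the next reader a second look.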