From ec2e36dc9973f440197933c0d47e28824571d9ce Mon Sep 17 00:00:00 2001 From: dinoex Date: Wed, 20 Aug 2008 16:46:48 +0000 Subject: - Security fix for 0.9.7m Security: CVE-2007-5135 Security: http://www.openssl.org/news/secadv_20071012.txt Submitted by: Jung-uk Kim --- security/openssl/Makefile | 2 +- security/openssl/files/patch-ssl-ssl_lib.c | 42 ++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 security/openssl/files/patch-ssl-ssl_lib.c (limited to 'security/openssl')
diff --git a/security/openssl/Makefile b/security/openssl/Makefile
index cf639513bd21..71ca5d129047 100644
--- a/security/openssl/Makefile
+++ b/security/openssl/Makefile
@@ -8,7 +8,7 @@
 PORTNAME= openssl
 .if !defined(WITH_OPENSSL_BETA) && ( defined(WITH_OPENSSL_097) || defined(WITH_OPENSSL_STABLE) )
 PORTVERSION= 0.9.7m
-PORTREVISION?= 0
+PORTREVISION?= 1
 .else
 PORTVERSION= 0.9.8h
 PORTREVISION?= 1
diff --git a/security/openssl/files/patch-ssl-ssl_lib.c b/security/openssl/files/patch-ssl-ssl_lib.c
new file mode 100644
index 000000000000..826d1c0e9af2
--- /dev/null
+++ b/security/openssl/files/patch-ssl-ssl_lib.c
@@ -0,0 +1,42 @@
+--- ssl/ssl_lib.c 2006/09/28 11:53:51 1.110.2.19
++++ ssl/ssl_lib.c 2007/10/04 08:01:21 1.110.2.20
+@@ -1169,7 +1169,6 @@
+ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
+ {
+ char *p;
+- const char *cp;
+ STACK_OF(SSL_CIPHER) *sk;
+ SSL_CIPHER *c;
+ int i;
+@@ -1182,20 +1181,21 @@
+ sk=s->session->ciphers;
+ for (i=0; iname; *cp; )
++ n=strlen(c->name);
++ if (n+1 > len)
+ {
+- if (len-- <= 0)
+- {
+- *p='\0';
+- return(buf);
+- }
+- else
+- *(p++)= *(cp++);
++ if (p != buf)
++ --p;
++ *p='\0';
++ return buf;
+ }
++ strcpy(p,c->name);
++ p+=n;
+ *(p++)=':';
++ len-=n+1;
+ }
+ p[-1]='\0';
+ return(buf);
-- cgit
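Review bot: The closing `p[-1]='\0';` at the end of the second inner hunk (`@@ -1182,20 +1181,21 @@`) is still unguarded, so if the cipher loop copies nothing (for example an empty shared-cipher stack), `p` would presumably still equal `buf` and the terminator is stored one byte before the caller's buffer. The new truncation branch already covers that case with `if (p != buf) --p;` followed by `*p='\0';`, and using the same two lines in place of `p[-1]='\0';` would make both exits agree. The initialisation of `p` and the `len` precondition sit outside the hunk, and the loop header is garbled in this rendering, so this should be confirmed against the full `SSL_get_shared_ciphers` body.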