author | Leonardo Arena <rnalrd@alpinelinux.org> | 2016-10-14 10:06:05 +0000 |
committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2016-10-14 10:09:47 +0000 |
commit | 0b9606c74e0669bf33b6218fa17b9c1e765eb79a (patch) | |
tree | bd27a49b1cdd6e60aaaee8af74add26901c92549 | |
parent | 7a08dd0335631987f7d96c246bc226dc514ab5ab (diff) |
main/curl: security fix (CVE-2016-7141). Fixes #6137
(cherry picked from commit 5d819a073fb59aa30d6f4614784fef677bb39a49)
-rw-r--r-- | main/curl/APKBUILD | 16 | ||||
-rw-r--r-- | main/curl/CVE-2016-7141.patch | 42 |
2 files changed, 53 insertions, 5 deletions
diff --git a/main/curl/APKBUILD b/main/curl/APKBUILD
index 319b6e311b7..7b5ba898994 100644
--- a/main/curl/APKBUILD
+++ b/main/curl/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=curl
 pkgver=7.49.1
-pkgrel=1
+pkgrel=2
 pkgdesc="An URL retrival utility and library"
 url="http://curl.haxx.se"
 arch="all"
@@ -15,15 +15,18 @@ source="http://curl.haxx.se/download/curl-$pkgver.tar.bz2
 CVE-2016-5419.patch
 CVE-2016-5420.patch
 CVE-2016-5421.patch
+ CVE-2016-7141.patch
 "
 _builddir="$srcdir/$pkgname-$pkgver"
-# security fixes:
+# secfixes:
 # 7.49.1-r1:
 # - CVE-2016-5419
 # - CVE-2016-5420
 # - CVE-2016-5421
+# 7.49.1-r-2:
+# - CVE-2016-7141
 prepare() {
 local i
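Review bot: The new secfixes entry `# 7.49.1-r-2:` is malformed — the release key has an extra hyphen and does not match the `7.49.1-r1:` form of the entry above it, nor the `pkgrel=2` set in the first hunk. The same hunk renames the header from `# security fixes:` to `# secfixes:`, which suggests this block is meant to be machine-parsed rather than free text; if so, a key that does not parse as a pkgver-rpkgrel value presumably means the CVE-2016-7141 fix is never recorded for this release. The line should read `# 7.49.1-r2:`. This is the only place in the commit where the fix is attested, so it is worth a respin rather than a follow-up.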
@@ -57,12 +60,15 @@ package() {
 md5sums="6bb1f7af5b58b30e4e6414b8c1abccab curl-7.49.1.tar.bz2
 290f6b37d95c9731849fc805a2ece53b CVE-2016-5419.patch
 150e3c110d6eb85187e109d04317b9e3 CVE-2016-5420.patch
-0524664bc926374f6a7b057046924bd2 CVE-2016-5421.patch"
+0524664bc926374f6a7b057046924bd2 CVE-2016-5421.patch
+7eada1e3745e3cfe8f4057dec273d820 CVE-2016-7141.patch"
 sha256sums="eb63cec4bef692eab9db459033f409533e6d10e20942f4b060b32819e81885f1 curl-7.49.1.tar.bz2
 d3499aaf331fca2303749bdffbedf5677a555a37ada187c1a734926c7cb718e5 CVE-2016-5419.patch
 23e1fbd27860c6f46bec094c06b5618da2ab71b091945f587c0d7e8d143472f7 CVE-2016-5420.patch
-bca78667ac9110920c5ce31c8d82a784fe327eb184460c1b87fab4de004e6692 CVE-2016-5421.patch"
+bca78667ac9110920c5ce31c8d82a784fe327eb184460c1b87fab4de004e6692 CVE-2016-5421.patch
+f097d6e5c75ebdaf532aef59e31790a657814bbb7e501dfb2eb6686ddca4f1eb CVE-2016-7141.patch"
 sha512sums="665ef178c282c14f429498547b3711ef79faf85f6db7f4ec24259e2c6247f6ee234dda158ebc207d03f08b5198c5844480e054f24f054b2de6c6a15d4f1ce6e6 curl-7.49.1.tar.bz2
 a596e489b0b566d9dcc8292ccec4d90dfbeae7cb11e250871217ff90d1c9525d602f40e112eb0d47a0a597e5768c105423d1cb0cb2825c39a319ea9d582269d0 CVE-2016-5419.patch
 9578f13c5d8e5a5d184b5b08dd7d59de596644084f2de04c025ad8cd78e11dadcff45bf4fab02b8942d7ed19977dec4d220893f675d64ed13b27284d63dfa5f1 CVE-2016-5420.patch
-2b5e77dda11dbb77cbfe760da5377c94a1664b04f254c9fa642f49da119d93123ef6ee27e4c08d0ba9094240791ac09273c8be23fa8ca5982f8ed14d6b29ad7e CVE-2016-5421.patch"
+2b5e77dda11dbb77cbfe760da5377c94a1664b04f254c9fa642f49da119d93123ef6ee27e4c08d0ba9094240791ac09273c8be23fa8ca5982f8ed14d6b29ad7e CVE-2016-5421.patch
+7eae8b37fb9ba8dfc0d6658b37191560668914a84aba411cfdac155bd1749b980514124c0653e85823a8a0e770f47ccc2a4177810b02cfc641c90f008639879e CVE-2016-7141.patch"
diff --git a/main/curl/CVE-2016-7141.patch b/main/curl/CVE-2016-7141.patch
new file mode 100644
index 00000000000..dab2cc4bd76
--- /dev/null
+++ b/main/curl/CVE-2016-7141.patch
@@ -0,0 +1,42 @@
+From 7700fcba64bf5806de28f6c1c7da3b4f0b38567d Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka@redhat.com>
+Date: Mon, 22 Aug 2016 10:24:35 +0200
+Subject: [PATCH] nss: refuse previously loaded certificate from file
+
+... when we are not asked to use a certificate from file
+---
+ lib/vtls/nss.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
+index 20c4277..cfb2263 100644
+--- a/lib/vtls/nss.c
++++ b/lib/vtls/nss.c
+@@ -1002,10 +1002,10 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc *sock,
+ struct ssl_connect_data *connssl = (struct ssl_connect_data *)arg;
+ struct Curl_easy *data = connssl->data;
+ const char *nickname = connssl->client_nickname;
++ static const char pem_slotname[] = "PEM Token #1";
+
+ if(connssl->obj_clicert) {
+ /* use the cert/key provided by PEM reader */
+- static const char pem_slotname[] = "PEM Token #1";
+ SECItem cert_der = { 0, NULL, 0 };
+ void *proto_win = SSL_RevealPinArg(sock);
+ struct CERTCertificateStr *cert;
+@@ -1067,6 +1067,12 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc *sock,
+ if(NULL == nickname)
+ nickname = "[unknown]";
+
++ if(!strncmp(nickname, pem_slotname, sizeof(pem_slotname) - 1U)) {
++ failf(data, "NSS: refusing previously loaded certificate from file: %s",
++ nickname);
++ return SECFailure;
++ }
++
+ if(NULL == *pRetKey) {
+ failf(data, "NSS: private key not found for certificate: %s", nickname);
+ return SECFailure;
+--
+2.7.4
+