aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorpsykose <alice@ayaya.dev>2022-07-30 10:07:46 +0000
committerpsykose <alice@ayaya.dev>2022-07-30 12:10:17 +0200
commit44f04736d2e0e670cfd3b8028643f09e3bb7951e (patch)
tree7b85e6ac81e299dc535e9054aaea1bff6f616310
parent5f8dd209467236ac328e4fb1dd3111806cca90d5 (diff)
main/gnutls: fix CVE-2022-2509
-rw-r--r--main/gnutls/APKBUILD12
-rw-r--r--main/gnutls/CVE-2022-2509.patch32
2 files changed, 41 insertions, 3 deletions
diff --git a/main/gnutls/APKBUILD b/main/gnutls/APKBUILD
index 3c72a8194e6..b291f761b7b 100644
--- a/main/gnutls/APKBUILD
+++ b/main/gnutls/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=gnutls
pkgver=3.7.1
-pkgrel=0
+pkgrel=1
pkgdesc="TLS protocol implementation"
url="https://www.gnutls.org/"
arch="all"
@@ -18,10 +18,13 @@ esac
source="https://www.gnupg.org/ftp/gcrypt/gnutls/v$_v/gnutls-$pkgver.tar.xz
tests-crq.patch
tests-certtool.patch
+ CVE-2022-2509.patch
"
# Upstream Tracker: https://gnutls.org/security-new.html
# secfixes:
+# 3.7.1-r1:
+# - CVE-2022-2509 GNUTLS-SA-2022-07-07
# 3.7.1-r0:
# - CVE-2021-20231 GNUTLS-SA-2021-03-10
# - CVE-2021-20232 GNUTLS-SA-2021-03-10
@@ -75,6 +78,9 @@ xx() {
mv "$pkgdir"/usr/lib/lib*xx.so.* "$subpkgdir"/usr/lib/
}
-sha512sums="0fe801f03676c3bd970387f94578c8be7ba6030904989e7d21dffdc726209bab44c8096fbcb6d51fed2de239537bd00df2338ee9c8d984a1c386826b91062a95 gnutls-3.7.1.tar.xz
+sha512sums="
+0fe801f03676c3bd970387f94578c8be7ba6030904989e7d21dffdc726209bab44c8096fbcb6d51fed2de239537bd00df2338ee9c8d984a1c386826b91062a95 gnutls-3.7.1.tar.xz
3e7d872963cc25e49f1ecf98de7d6f3b6b22d2c1c9e982bc4b22ce658c11d8567903728e5aa33ce7b6d3e25fe0b7a75b8aca3e8f53838155af5abe23887d33fa tests-crq.patch
-3cc35bf7dcf6b7963d59bc346f68e0004151e409899b50e98ba5c675e753ade19a7baf317449343688b1bb2905ef8c8a5677dfe819e701b5bd82374d99adeb65 tests-certtool.patch"
+3cc35bf7dcf6b7963d59bc346f68e0004151e409899b50e98ba5c675e753ade19a7baf317449343688b1bb2905ef8c8a5677dfe819e701b5bd82374d99adeb65 tests-certtool.patch
+a790a23b064196763de6cc8683b7c2ff70a5d7a3caad57aa339ed92318480aabf746de86124fecf4b3fc509a5416cb34fec6c308c9141b113b0e968c7dcf20eb CVE-2022-2509.patch
+"
diff --git a/main/gnutls/CVE-2022-2509.patch b/main/gnutls/CVE-2022-2509.patch
new file mode 100644
index 00000000000..02c4088e6cc
--- /dev/null
+++ b/main/gnutls/CVE-2022-2509.patch
@@ -0,0 +1,32 @@
+Patch-Source: https://github.com/gnutls/gnutls/commit/ce37f9eb265dbe9b6d597f5767449e8ee95848e2
+news/tests trimmed
+---
+From ce37f9eb265dbe9b6d597f5767449e8ee95848e2 Mon Sep 17 00:00:00 2001
+From: Zoltan Fridrich <zfridric@redhat.com>
+Date: Fri, 22 Jul 2022 12:00:11 +0200
+Subject: [PATCH] Fix double free during gnutls_pkcs7_verify
+
+Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
+---
+ .gitignore | 1 +
+ NEWS | 4 +
+ lib/x509/pkcs7.c | 3 +-
+ tests/Makefile.am | 2 +-
+ tests/pkcs7-verify-double-free.c | 215 +++++++++++++++++++++++++++++++
+ 5 files changed, 223 insertions(+), 2 deletions(-)
+ create mode 100644 tests/pkcs7-verify-double-free.c
+
+diff --git a/lib/x509/pkcs7.c b/lib/x509/pkcs7.c
+index 3227bf3a25..ff8cab0158 100644
+--- a/lib/x509/pkcs7.c
++++ b/lib/x509/pkcs7.c
+@@ -1322,7 +1322,8 @@ gnutls_x509_crt_t find_signer(gnutls_pkcs7_t pkcs7, gnutls_x509_trust_list_t tl,
+ issuer = find_verified_issuer_of(pkcs7, issuer, purpose, vflags);
+
+ if (issuer != NULL && gnutls_x509_crt_check_issuer(issuer, issuer)) {
+- if (prev) gnutls_x509_crt_deinit(prev);
++ if (prev && prev != signer)
++ gnutls_x509_crt_deinit(prev);
+ prev = issuer;
+ break;
+ }