aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeonardo Arena <rnalrd@alpinelinux.org>2018-10-08 13:05:27 +0000
committerLeonardo Arena <rnalrd@alpinelinux.org>2018-10-08 13:26:31 +0000
commite043f4360d1a4acefce7229bd7836a3db968e86c (patch)
treedbc3e09db7829ecbc5b0b6faddd9f21ad63a3b3c
parent6b5e91624ae5ccf42f83f5799de854c9aa486ca7 (diff)
downloadaports-e043f4360d1a4acefce7229bd7836a3db968e86c.tar.gz
aports-e043f4360d1a4acefce7229bd7836a3db968e86c.tar.bz2
aports-e043f4360d1a4acefce7229bd7836a3db968e86c.tar.xz
main/strongswan: security fix (CVE-2018-17540)
Fixes #9517
-rw-r--r--main/strongswan/APKBUILD6
-rw-r--r--main/strongswan/strongswan-4.4.0-5.7.0_gmp-pkcs1-overflow.patch38
2 files changed, 43 insertions, 1 deletions
diff --git a/main/strongswan/APKBUILD b/main/strongswan/APKBUILD
index 04bb60dca9..3f73b417b2 100644
--- a/main/strongswan/APKBUILD
+++ b/main/strongswan/APKBUILD
@@ -3,7 +3,7 @@
pkgname=strongswan
pkgver=5.6.3
_pkgver=${pkgver//_rc/rc}
-pkgrel=1
+pkgrel=2
pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE"
url="https://www.strongswan.org/"
arch="all"
@@ -23,6 +23,7 @@ source="http://download.strongswan.org/$pkgname-$_pkgver.tar.bz2
1003-vici-add-support-for-individual-sa-state-changes.patch
libressl.patch
CVE-2018-16151-CVE-2018-16152.patch
+ strongswan-4.4.0-5.7.0_gmp-pkcs1-overflow.patch
strongswan.initd
charon.initd
@@ -30,6 +31,8 @@ source="http://download.strongswan.org/$pkgname-$_pkgver.tar.bz2
builddir="$srcdir/$pkgname-$_pkgver"
# secfixes:
+# 5.6.3-r2:
+# - CVE-2018-17540
# 5.6.3-r1:
# - CVE-2018-16151
# - CVE-2018-16152
@@ -129,5 +132,6 @@ df5673107ea15dae28276b1cbc2a0d995d9a210c9c73ee478cb0f4eba0e3ef76856708119a5ebdf5
d92ec44ac03c3eabe7583c01b15c66c9286681f42cf1d6ced3e1096c27c174014e14112610d2e12c8ccf6c2d8c1a5242e10e2520d41995f8aac145bd603facfc 1003-vici-add-support-for-individual-sa-state-changes.patch
75c5f1c8558efa9e863490be7c675ea7c56baa102d1cef192ca90d40dc2c9abfaff664c6d76a2a88d2ee4212a8b0106666cafe2a8e753532aabe6eb798382773 libressl.patch
27a6352e71e192dde2e740d0f1958565635b07b827194ffb49c1d763c0b1db2ff52cad165a43057f6ee9fee133b88aec36391cd418da9e85766b2d64a96c5bc1 CVE-2018-16151-CVE-2018-16152.patch
+3e620641400aaf01c9df4b069548d593fcc728f870c49abbe22128866eeaf4092740620e2d72bd90ded24a6ee5263778a835991f777a24d149d4bed6b9f509f8 strongswan-4.4.0-5.7.0_gmp-pkcs1-overflow.patch
8b61e3ffbb39b837733e602ec329e626dc519bf7308d3d4192b497d18f38176789d23ef5afec51f8463ee1ddaf4d74546b965c03184132e217cbc27017e886c9 strongswan.initd
1c44c801f66305c0331f76e580c0d60f1b7d5cd3cc371be55826b06c3899f542664628a912a7fb48626e34d864f72ca5dcd34b2f0d507c4f19c510d0047054c1 charon.initd"
diff --git a/main/strongswan/strongswan-4.4.0-5.7.0_gmp-pkcs1-overflow.patch b/main/strongswan/strongswan-4.4.0-5.7.0_gmp-pkcs1-overflow.patch
new file mode 100644
index 0000000000..225a5c803e
--- /dev/null
+++ b/main/strongswan/strongswan-4.4.0-5.7.0_gmp-pkcs1-overflow.patch
@@ -0,0 +1,38 @@
+From 129ab919a8c3abfc17bea776f0774e0ccf33ca09 Mon Sep 17 00:00:00 2001
+From: Tobias Brunner <tobias@strongswan.org>
+Date: Tue, 25 Sep 2018 14:50:08 +0200
+Subject: [PATCH] gmp: Fix buffer overflow with very small RSA keys
+
+Because `keylen` is unsigned the subtraction results in an integer
+underflow if the key length is < 11 bytes.
+
+This is only a problem when verifying signatures with a public key (for
+private keys the plugin enforces a minimum modulus length) and to do so
+we usually only use trusted keys. However, the x509 plugin actually
+calls issued_by() on a parsed certificate to check if it is self-signed,
+which is the reason this issue was found by OSS-Fuzz in the first place.
+So, unfortunately, this can be triggered by sending an invalid client
+cert to a peer.
+
+Fixes: 5955db5b124a ("gmp: Don't parse PKCS1 v1.5 RSA signatures to verify them")
+Fixes: CVE-2018-17540
+---
+ src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
+index e9a83fdf49a1..a255a40abce2 100644
+--- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
++++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
+@@ -301,7 +301,7 @@ bool gmp_emsa_pkcs1_signature_data(hash_algorithm_t hash_algorithm,
+ data = digestInfo;
+ }
+
+- if (data.len > keylen - 11)
++ if (keylen < 11 || data.len > keylen - 11)
+ {
+ chunk_free(&digestInfo);
+ DBG1(DBG_LIB, "signature value of %zu bytes is too long for key of "
+--
+2.7.4
+