[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/01: gnu: nss: Fix CVE-2019-11745 via graft.
|
From: |
guix-commits |
|
Subject: |
01/01: gnu: nss: Fix CVE-2019-11745 via graft. |
|
Date: |
Wed, 11 Dec 2019 01:54:52 -0500 (EST) |
mhw pushed a commit to branch master
in repository guix.
commit 04b33ce205f38813b4dbd04b6ad3c7aa0be0b6f6
Author: Mark H Weaver <address@hidden>
Date: Tue Dec 10 18:20:51 2019 -0500
gnu: nss: Fix CVE-2019-11745 via graft.
* gnu/packages/patches/nss-CVE-2019-11745.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/nss.scm (nss/fixed): New variable.
(nss)[replacement]: Add field.
---
gnu/local.mk | 1 +
gnu/packages/nss.scm | 9 +++++++++
gnu/packages/patches/nss-CVE-2019-11745.patch | 24 ++++++++++++++++++++++++
3 files changed, 34 insertions(+)
diff --git a/gnu/local.mk b/gnu/local.mk
index 0faa0ba..00ff3b8 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1180,6 +1180,7 @@ dist_patch_DATA =
\
%D%/packages/patches/ngircd-handle-zombies.patch \
%D%/packages/patches/nm-plugin-path.patch \
%D%/packages/patches/nsis-env-passthru.patch \
+ %D%/packages/patches/nss-CVE-2019-11745.patch \
%D%/packages/patches/nss-freebl-stubs.patch \
%D%/packages/patches/nss-increase-test-timeout.patch \
%D%/packages/patches/nss-pkgconfig.patch \
diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm
index 65f95aa..4f421f6 100644
--- a/gnu/packages/nss.scm
+++ b/gnu/packages/nss.scm
@@ -71,6 +71,7 @@ in the Mozilla clients.")
(package
(name "nss")
(version "3.46.1")
+ (replacement nss/fixed)
(source (origin
(method url-fetch)
(uri (let ((version-with-underscores
@@ -183,3 +184,11 @@ applications. Applications built with NSS can support SSL
v2 and v3, TLS,
PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other
security standards.")
(license license:mpl2.0)))
+
+(define nss/fixed
+ (package
+ (inherit nss)
+ (source (origin
+ (inherit (package-source nss))
+ (patches (append (search-patches "nss-CVE-2019-11745.patch")
+ (origin-patches (package-source nss))))))))
diff --git a/gnu/packages/patches/nss-CVE-2019-11745.patch
b/gnu/packages/patches/nss-CVE-2019-11745.patch
new file mode 100644
index 0000000..ae0eeda
--- /dev/null
+++ b/gnu/packages/patches/nss-CVE-2019-11745.patch
@@ -0,0 +1,24 @@
+Fix CVE-2019-11745 (Out-of-bounds write when passing an output buffer smaller
+than the block size to NSC_EncryptUpdate).
+
+Copied from Debian, equivalent to upstream fix:
+<https://hg.mozilla.org/projects/nss/rev/1e22a0c93afe9f46545560c86caedef9dab6cfda>.
+
+# HG changeset patch
+# User Craig Disselkoen <address@hidden>
+# Date 1574189697 25200
+# Node ID 60bca7c6dc6dc44579b9b3e0fb62ca3b82d92eec
+# Parent 64e55c9f658e2a75f0835d00a8a1cdc2f25c74d6
+Bug 1586176 - EncryptUpdate should use maxout not block size. r=franziskus
+
+--- a/nss/lib/softoken/pkcs11c.c
++++ b/nss/lib/softoken/pkcs11c.c
+@@ -1285,7 +1285,7 @@ NSC_EncryptUpdate(CK_SESSION_HANDLE hSes
+ }
+ /* encrypt the current padded data */
+ rv = (*context->update)(context->cipherInfo, pEncryptedPart,
+- &padoutlen, context->blockSize,
context->padBuf,
++ &padoutlen, maxout, context->padBuf,
+ context->blockSize);
+ if (rv != SECSuccess) {
+ return sftk_MapCryptError(PORT_GetError());