[gnome-continuous-yocto/gnomeostree-3.22-krogoth: 84/246] openssl: Security fix CVE-2016-2178
- From: Emmanuele Bassi <ebassi src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-continuous-yocto/gnomeostree-3.22-krogoth: 84/246] openssl: Security fix CVE-2016-2178
- Date: Thu, 14 Dec 2017 11:55:15 +0000 (UTC)
commit 9995a7a144bce1bc94208223ed83d9dabe0084f3
Author: Armin Kuster <akuster mvista com>
Date: Fri Sep 23 23:00:38 2016 -0700
openssl: Security fix CVE-2016-2178
affects openssl < 1.0.2i
(From OE-Core rev: 2752dba61da730ccd914b7720490754a476d1024)
Signed-off-by: Armin Kuster <akuster mvista com>
Signed-off-by: Richard Purdie <richard purdie linuxfoundation org>
.../openssl/openssl/CVE-2016-2178.patch | 54 ++++++++++++++++++++
.../recipes-connectivity/openssl/openssl_1.0.2h.bb | 1 +
2 files changed, 55 insertions(+), 0 deletions(-)
---
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch
b/meta/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch
new file mode 100644
index 0000000..07b1310
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch
@@ -0,0 +1,54 @@
+From 621eaf49a289bfac26d4cbcdb7396e796784c534 Mon Sep 17 00:00:00 2001
+From: Cesar Pereida <cesar pereida aalto fi>
+Date: Mon, 23 May 2016 12:45:25 +0300
+Subject: [PATCH] Fix DSA, preserve BN_FLG_CONSTTIME
+
+Operations in the DSA signing algorithm should run in constant time in
+order to avoid side channel attacks. A flaw in the OpenSSL DSA
+implementation means that a non-constant time codepath is followed for
+certain operations. This has been demonstrated through a cache-timing
+attack to be sufficient for an attacker to recover the private DSA key.
+
+CVE-2016-2178
+
+Reviewed-by: Richard Levitte <levitte openssl org>
+Reviewed-by: Matt Caswell <matt openssl org>
+
+Upstream-Status: Backport
+CVE: CVE-2016-2178
+Signed-off-by: Armin Kuster <akuster mvista com>
+
+---
+ crypto/dsa/dsa_ossl.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
+index efc4f1b..b29eb4b 100644
+--- a/crypto/dsa/dsa_ossl.c
++++ b/crypto/dsa/dsa_ossl.c
+@@ -248,9 +248,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+ if (!BN_rand_range(&k, dsa->q))
+ goto err;
+ while (BN_is_zero(&k)) ;
+- if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
+- BN_set_flags(&k, BN_FLG_CONSTTIME);
+- }
+
+ if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
+ if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
+@@ -279,9 +276,12 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+ }
+
+ K = &kq;
++
++ BN_set_flags(K, BN_FLG_CONSTTIME);
+ } else {
+ K = &k;
+ }
++
+ DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
+ dsa->method_mont_p);
+ if (!BN_mod(r, r, dsa->q, ctx))
+--
+2.7.4
+
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb
b/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb
index ae65992..0db19fa 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb
@@ -38,6 +38,7 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
file://ptest_makefile_deps.patch \
file://configure-musl-target.patch \
file://parallel.patch \
+ file://CVE-2016-2178.patch \
"
SRC_URI[md5sum] = "9392e65072ce4b614c1392eefc1f23d0"
SRC_URI[sha256sum] = "1d4007e53aad94a5b2002fe045ee7bb0b3d98f1a47f8b2bc851dcd1c74332919"
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
