security updatev3.5.4

author: Brent Cook <busterb@gmail.com> 2023-02-07 10:25:48 -0600
committer: Brent Cook <busterb@gmail.com> 2023-02-07 10:25:48 -0600
commit: d0bfd7476ce462f642aac827cc23bdc2bc78b13b (patch)
tree: c4275dc2c8c9c45b35b49e9ca83194419b333229
parent: 1e562926d80ae8006296eb7926de6cbebc32d3ee (diff)
download: portable-3.5.4.tar.gz
portable-3.5.4.tar.bz2
portable-3.5.4.zip
4 files changed, 29 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 4ecab20..40e7684 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,12 @@ history is also available from Git.
 LibreSSL Portable Release Notes:
+3.5.4 - Stable release
+        * Security fix
+          - A malicious certificate revocation list or timestamp response token
+            would allow an attacker to read arbitrary memory.
 3.5.3 - Reliability fix
        * Fix d2i_ASN1_OBJECT(). A confusion of two CBS resulted in advancing
diff --git a/patches/opensslv.h b/patches/opensslv.h
index f24afb9..2f7b1f9 100644
--- a/patches/opensslv.h
+++ b/patches/opensslv.h
@@ -1,11 +1,11 @@
-/* $OpenBSD: opensslv.h,v 1.69 2022/03/15 21:15:08 bcook Exp $ */
+/* $OpenBSD: opensslv.h,v 1.70 2022/07/04 12:31:55 tb Exp $ */
 #ifndef HEADER_OPENSSLV_H
 #define HEADER_OPENSSLV_H
 /* These will change with each release of LibreSSL-portable */
-#define LIBRESSL_VERSION_NUMBER 0x3050300fL
+#define LIBRESSL_VERSION_NUMBER 0x3050400fL
 /*                                    ^ Patch starts here   */
-#define LIBRESSL_VERSION_TEXT   "LibreSSL 3.5.3"
+#define LIBRESSL_VERSION_TEXT   "LibreSSL 3.5.4"
 /* These will never change */
 #define OPENSSL_VERSION_NUMBER  0x20000000L
diff --git a/patches/x509_genn.c.diff b/patches/x509_genn.c.diff
new file mode 100644
index 0000000..1c6ea8c
--- /dev/null
+++ b/patches/x509_genn.c.diff
@@ -0,0 +1,17 @@
+Index: lib/libcrypto/x509/x509_genn.c
+===================================================================
+RCS file: /cvs/src/lib/libcrypto/x509/x509_genn.c,v
+retrieving revision 1.2
+diff -u -p -r1.2 x509_genn.c
+--- lib/libcrypto/x509/x509_genn.c      8 Dec 2020 15:06:42 -0000       1.2
+++ lib/libcrypto/x509/x509_genn.c      24 Jan 2023 09:43:06 -0000
+@@ -366,7 +366,8 @@ GENERAL_NAME_cmp(GENERAL_NAME *a, GENERA
+                return -1;
+        switch (a->type) {
+        case GEN_X400:
+-               result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address);
+               result = ASN1_STRING_cmp((ASN1_STRING *)a->d.x400Address,
+                   (ASN1_STRING *)b->d.x400Address);
+                break;
+ 
+        case GEN_EDIPARTY:
diff --git a/update.sh b/update.sh
index 6832fe8..7d3f8e5 100755
--- a/update.sh
+++ b/update.sh
@@ -362,6 +362,9 @@ done
 (cd crypto
        $PATCH -p4 < ../patches/uninit_asn1_string_to_utf8.diff
 )
+(cd crypto
+        $PATCH -p2 < ../patches/x509_genn.c.diff
+)
 # copy manpages
 echo "copying manpages"
author	Brent Cook <busterb@gmail.com>	2023-02-07 10:25:48 -0600
committer	Brent Cook <busterb@gmail.com>	2023-02-07 10:25:48 -0600
commit	d0bfd7476ce462f642aac827cc23bdc2bc78b13b (patch)
tree	c4275dc2c8c9c45b35b49e9ca83194419b333229
parent	1e562926d80ae8006296eb7926de6cbebc32d3ee (diff)
download	portable-3.5.4.tar.gz portable-3.5.4.tar.bz2 portable-3.5.4.zip

diff --git a/ChangeLog b/ChangeLog index 4ecab20..40e7684 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -28,6 +28,12 @@ history is also available from Git.
28		28
29	LibreSSL Portable Release Notes:	29	LibreSSL Portable Release Notes:
30		30
		31	3.5.4 - Stable release
		32
		33	* Security fix
		34	- A malicious certificate revocation list or timestamp response token
		35	would allow an attacker to read arbitrary memory.
		36
31	3.5.3 - Reliability fix	37	3.5.3 - Reliability fix
32		38
33	* Fix d2i_ASN1_OBJECT(). A confusion of two CBS resulted in advancing	39	* Fix d2i_ASN1_OBJECT(). A confusion of two CBS resulted in advancing


diff --git a/patches/opensslv.h b/patches/opensslv.h index f24afb9..2f7b1f9 100644 --- a/patches/opensslv.h +++ b/patches/opensslv.h
@@ -1,11 +1,11 @@
1	/* $OpenBSD: opensslv.h,v 1.69 2022/03/15 21:15:08 bcook Exp $ */	1	/* $OpenBSD: opensslv.h,v 1.70 2022/07/04 12:31:55 tb Exp $ */
2	#ifndef HEADER_OPENSSLV_H	2	#ifndef HEADER_OPENSSLV_H
3	#define HEADER_OPENSSLV_H	3	#define HEADER_OPENSSLV_H
4		4
5	/* These will change with each release of LibreSSL-portable */	5	/* These will change with each release of LibreSSL-portable */
6	#define LIBRESSL_VERSION_NUMBER 0x3050300fL	6	#define LIBRESSL_VERSION_NUMBER 0x3050400fL
7	/* ^ Patch starts here */	7	/* ^ Patch starts here */
8	#define LIBRESSL_VERSION_TEXT "LibreSSL 3.5.3"	8	#define LIBRESSL_VERSION_TEXT "LibreSSL 3.5.4"
9		9
10	/* These will never change */	10	/* These will never change */
11	#define OPENSSL_VERSION_NUMBER 0x20000000L	11	#define OPENSSL_VERSION_NUMBER 0x20000000L


diff --git a/patches/x509_genn.c.diff b/patches/x509_genn.c.diff new file mode 100644 index 0000000..1c6ea8c --- /dev/null +++ b/patches/x509_genn.c.diff
@@ -0,0 +1,17 @@
		1	Index: lib/libcrypto/x509/x509_genn.c
		2	===================================================================
		3	RCS file: /cvs/src/lib/libcrypto/x509/x509_genn.c,v
		4	retrieving revision 1.2
		5	diff -u -p -r1.2 x509_genn.c
		6	--- lib/libcrypto/x509/x509_genn.c 8 Dec 2020 15:06:42 -0000 1.2
		7	+++ lib/libcrypto/x509/x509_genn.c 24 Jan 2023 09:43:06 -0000
		8	@@ -366,7 +366,8 @@ GENERAL_NAME_cmp(GENERAL_NAME *a, GENERA
		9	return -1;
		10	switch (a->type) {
		11	case GEN_X400:
		12	- result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address);
		13	+ result = ASN1_STRING_cmp((ASN1_STRING *)a->d.x400Address,
		14	+ (ASN1_STRING *)b->d.x400Address);
		15	break;
		16
		17	case GEN_EDIPARTY:


diff --git a/update.sh b/update.sh index 6832fe8..7d3f8e5 100755 --- a/update.sh +++ b/update.sh
@@ -362,6 +362,9 @@ done
362	(cd crypto	362	(cd crypto
363	$PATCH -p4 < ../patches/uninit_asn1_string_to_utf8.diff	363	$PATCH -p4 < ../patches/uninit_asn1_string_to_utf8.diff
364	)	364	)
		365	(cd crypto
		366	$PATCH -p2 < ../patches/x509_genn.c.diff
		367	)
365		368
366	# copy manpages	369	# copy manpages
367	echo "copying manpages"	370	echo "copying manpages"