components/gnutls/patches/03-cve-2011-4128.patch
changeset 4062 f45bb9cec48c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/gnutls/patches/03-cve-2011-4128.patch	Fri Mar 20 22:56:27 2015 -0700
@@ -0,0 +1,29 @@
+Source:
+http://www.gnutls.org/security.html
+Info:
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4128
+Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c     
+in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client 
+that performs nonstandard session resumption, allows remote TLS servers to 
+cause a denial of service (application crash) via a large SessionTicket.
+Status:
+Need to determine if this patch has been sent upstream.
+
+--- gnutls-2.8.6/lib/gnutls_session.c.orig	Fri Apr  6 11:19:30 2012
++++ gnutls-2.8.6/lib/gnutls_session.c	Fri Apr  6 11:19:51 2012
+@@ -64,7 +64,6 @@
+       gnutls_assert ();
+       return ret;
+     }
+-  *session_data_size = psession.size;
+ 
+   if (psession.size > *session_data_size)
+     {
+@@ -71,6 +70,7 @@
+       ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+       goto error;
+     }
++  *session_data_size = psession.size;
+ 
+   if (session_data != NULL)
+     memcpy (session_data, psession.data, psession.size);
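Review bot: With the assignment moved below the size check, the `GNUTLS_E_SHORT_MEMORY_BUFFER` path in the second inner hunk returns without writing the required length to `*session_data_size`. Before this patch that value was always set, so a caller that probes with a small or NULL buffer and then retries with the reported size would now see its own value unchanged. Keeping the overflow fix while preserving that contract takes one more line inside the `if (psession.size > *session_data_size)` branch, before `ret = GNUTLS_E_SHORT_MEMORY_BUFFER;`: `*session_data_size = psession.size;`. The function starts and ends outside the hunk, so how `ret` and `psession` are handled at the `error` label is not visible here and should be checked against the 2.8.6 source. The header's open `Status:` line could also be settled by comparing this backport with the fix shipped in the 2.12.14 / 3.0.7 releases it cites.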