[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
05/06: gnu: Remove unused patch.
|
From: |
guix-commits |
|
Subject: |
05/06: gnu: Remove unused patch. |
|
Date: |
Sun, 30 Jan 2022 11:15:47 -0500 (EST) |
mbakke pushed a commit to branch master
in repository guix.
commit 9b8839099e6c4447ad7c94451817f38f467f1e8f
Author: Marius Bakke <marius@gnu.org>
AuthorDate: Sun Jan 30 16:29:48 2022 +0100
gnu: Remove unused patch.
* gnu/packages/patches/openssl-CVE-2019-1559.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
---
gnu/local.mk | 1 -
gnu/packages/patches/openssl-CVE-2019-1559.patch | 60 ------------------------
2 files changed, 61 deletions(-)
diff --git a/gnu/local.mk b/gnu/local.mk
index 4822e8e250..d0dd972481 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1581,7 +1581,6 @@ dist_patch_DATA =
\
%D%/packages/patches/openssl-1.1-c-rehash-in.patch \
%D%/packages/patches/openssl-3.0-c-rehash-in.patch \
%D%/packages/patches/openssl-c-rehash-in.patch \
- %D%/packages/patches/openssl-CVE-2019-1559.patch \
%D%/packages/patches/open-zwave-hidapi.patch \
%D%/packages/patches/orpheus-cast-errors-and-includes.patch \
%D%/packages/patches/osip-CVE-2017-7853.patch \
diff --git a/gnu/packages/patches/openssl-CVE-2019-1559.patch
b/gnu/packages/patches/openssl-CVE-2019-1559.patch
deleted file mode 100644
index 3e630037b5..0000000000
--- a/gnu/packages/patches/openssl-CVE-2019-1559.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-From e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e Mon Sep 17 00:00:00 2001
-From: Matt Caswell <matt@openssl.org>
-Date: Fri, 14 Dec 2018 07:28:30 +0000
-Subject: [PATCH] Go into the error state if a fatal alert is sent or received
-
-If an application calls SSL_shutdown after a fatal alert has occured and
-then behaves different based on error codes from that function then the
-application may be vulnerable to a padding oracle.
-
-CVE-2019-1559
-
-Reviewed-by: Richard Levitte <levitte@openssl.org>
----
- ssl/d1_pkt.c | 1 +
- ssl/s3_pkt.c | 10 +++++++---
- 2 files changed, 8 insertions(+), 3 deletions(-)
-
-diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
-index 23aa9db..c7fe977 100644
---- a/ssl/d1_pkt.c
-+++ b/ssl/d1_pkt.c
-@@ -1309,6 +1309,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char
*buf, int len, int peek)
- ERR_add_error_data(2, "SSL alert number ", tmp);
- s->shutdown |= SSL_RECEIVED_SHUTDOWN;
- SSL_CTX_remove_session(s->session_ctx, s->session);
-+ s->state = SSL_ST_ERR;
- return (0);
- } else {
- al = SSL_AD_ILLEGAL_PARAMETER;
-diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
-index 6527df8..830b723 100644
---- a/ssl/s3_pkt.c
-+++ b/ssl/s3_pkt.c
-@@ -1500,6 +1500,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char
*buf, int len, int peek)
- ERR_add_error_data(2, "SSL alert number ", tmp);
- s->shutdown |= SSL_RECEIVED_SHUTDOWN;
- SSL_CTX_remove_session(s->session_ctx, s->session);
-+ s->state = SSL_ST_ERR;
- return (0);
- } else {
- al = SSL_AD_ILLEGAL_PARAMETER;
-@@ -1719,9 +1720,12 @@ int ssl3_send_alert(SSL *s, int level, int desc)
- * protocol_version alerts */
- if (desc < 0)
- return -1;
-- /* If a fatal one, remove from cache */
-- if ((level == 2) && (s->session != NULL))
-- SSL_CTX_remove_session(s->session_ctx, s->session);
-+ /* If a fatal one, remove from cache and go into the error state */
-+ if (level == SSL3_AL_FATAL) {
-+ if (s->session != NULL)
-+ SSL_CTX_remove_session(s->session_ctx, s->session);
-+ s->state = SSL_ST_ERR;
-+ }
-
- s->s3->alert_dispatch = 1;
- s->s3->send_alert[0] = level;
---
-2.7.4
-
- branch master updated (3e497b3a4c -> 43dd34c777), guix-commits, 2022/01/30
- 02/06: gnu: expat: Update replacement to 2.4.4 [fixes CVE-2022-23852, CVE-2022-23990]., guix-commits, 2022/01/30
- 04/06: gnu: OpenSSL: Add 3.0., guix-commits, 2022/01/30
- 01/06: gnu: waylandpp: Update to 0.2.9., guix-commits, 2022/01/30
- 06/06: gnu: Remove OpenSSL 1.0., guix-commits, 2022/01/30
- 03/06: gnu: util-linux-with-udev: Remove input labels., guix-commits, 2022/01/30
- 05/06: gnu: Remove unused patch.,
guix-commits <=