nss: CVE-2013-5606
the patch comes from: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5606 https://bugzilla.mozilla.org/show_bug.cgi?id=910438 http://hg.mozilla.org/projects/nss/rev/d29898e0981c The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote attackers to bypass intended access restrictions via a crafted certificate. (From OE-Core rev: 1e153b1b21276d56144add464d592cd7b96a4ede) Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
0685207d43
commit
21b1cd1c24
|
@ -0,0 +1,48 @@
|
|||
nss: CVE-2013-5606
|
||||
|
||||
Upstream-Status: Backport
|
||||
|
||||
the patch comes from:
|
||||
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5606
|
||||
https://bugzilla.mozilla.org/show_bug.cgi?id=910438
|
||||
http://hg.mozilla.org/projects/nss/rev/d29898e0981c
|
||||
|
||||
The CERT_VerifyCert function in lib/certhigh/certvfy.c in
|
||||
Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides
|
||||
an unexpected return value for an incompatible key-usage certificate
|
||||
when the CERTVerifyLog argument is valid, which might allow remote
|
||||
attackers to bypass intended access restrictions via a crafted certificate.
|
||||
|
||||
Signed-off-by: Li Wang <li.wang@windriver.com>
|
||||
---
|
||||
nss/lib/certhigh/certvfy.c | 7 +++++--
|
||||
1 file changed, 5 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/nss/lib/certhigh/certvfy.c b/nss/lib/certhigh/certvfy.c
|
||||
index f364ceb..f450205 100644
|
||||
--- a/nss/lib/certhigh/certvfy.c
|
||||
+++ b/nss/lib/certhigh/certvfy.c
|
||||
@@ -1312,7 +1312,7 @@ CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
|
||||
PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
|
||||
LOG_ERROR_OR_EXIT(log,cert,0,flags);
|
||||
} else if (trusted) {
|
||||
- goto winner;
|
||||
+ goto done;
|
||||
}
|
||||
|
||||
|
||||
@@ -1340,7 +1340,10 @@ CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
|
||||
}
|
||||
}
|
||||
|
||||
-winner:
|
||||
+done:
|
||||
+ if (log && log->head) {
|
||||
+ return SECFailure;
|
||||
+ }
|
||||
return(SECSuccess);
|
||||
|
||||
loser:
|
||||
--
|
||||
1.7.9.5
|
||||
|
|
@ -21,6 +21,7 @@ SRC_URI = "\
|
|||
file://nss-CVE-2014-1492.patch \
|
||||
file://nss-CVE-2013-1740.patch \
|
||||
file://nss-3.15.1-fix-CVE-2013-1739.patch \
|
||||
file://nss-CVE-2013-5606.patch \
|
||||
"
|
||||
SRC_URI_append_class-target = "\
|
||||
file://nss.pc.in \
|
||||
|
|
Loading…
Reference in New Issue