Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:Update
openssl.11276
openssl-CVE-2016-2107.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-CVE-2016-2107.patch of Package openssl.11276
From 9e79d38892dc30c874934e0aef7409d31d4bf37f Mon Sep 17 00:00:00 2001 From: Kurt Roeckx <kurt@roeckx.be> Date: Sat, 16 Apr 2016 23:08:56 +0200 Subject: [PATCH] Check that we have enough padding characters. CVE-2016-2107 --- crypto/evp/e_aes_cbc_hmac_sha1.c | 3 +++ crypto/evp/e_aes_cbc_hmac_sha256.c | 3 +++ 2 files changed, 6 insertions(+), 0 deletions(-) Index: openssl-1.0.1i/crypto/evp/e_aes_cbc_hmac_sha1.c =================================================================== --- openssl-1.0.1i.orig/crypto/evp/e_aes_cbc_hmac_sha1.c 2016-04-28 15:02:07.475493236 +0200 +++ openssl-1.0.1i/crypto/evp/e_aes_cbc_hmac_sha1.c 2016-04-28 15:05:07.046449751 +0200 @@ -59,6 +59,7 @@ #include <openssl/aes.h> #include <openssl/sha.h> #include "evp_locl.h" +#include "constant_time_locl.h" #ifndef EVP_CIPH_FLAG_AEAD_CIPHER #define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000 @@ -282,6 +283,8 @@ static int aesni_cbc_hmac_sha1_cipher(EV maxpad |= (255-maxpad)>>(sizeof(maxpad)*8-8); maxpad &= 255; + ret &= constant_time_ge(maxpad, pad); + inp_len = len - (SHA_DIGEST_LENGTH+pad+1); mask = (0-((inp_len-len)>>(sizeof(inp_len)*8-1))); inp_len &= mask;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor