summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authordelphij <delphij@FreeBSD.org>2017-02-23 07:12:18 +0000
committerdelphij <delphij@FreeBSD.org>2017-02-23 07:12:18 +0000
commit8ec5a888ff17420a447fce1d15a0413c122dd297 (patch)
tree4cefbc53a1b7df7cb45a471b65d3b2be5d57c692
parenta820b5878036538de63ff2dcdc3d5c5c5bdfc7fb (diff)
downloadFreeBSD-src-8ec5a888ff17420a447fce1d15a0413c122dd297.zip
FreeBSD-src-8ec5a888ff17420a447fce1d15a0413c122dd297.tar.gz
Fix OpenSSL RC4_MD5 cipher vulnerability.
Approved by: so
-rw-r--r--UPDATING4
-rw-r--r--crypto/openssl/crypto/evp/e_rc4_hmac_md5.c2
-rw-r--r--sys/conf/newvers.sh2
3 files changed, 7 insertions, 1 deletions
diff --git a/UPDATING b/UPDATING
index d7a689a..51fe757 100644
--- a/UPDATING
+++ b/UPDATING
@@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITHOUT_CLANG to bootstrap to the tip of
stable/10, and then rebuild without this option. The bootstrap process from
older version of current is a bit fragile.
+20170223 p17 FreeBSD-SA-17:02.openssl
+
+ Fix OpenSSL RC4_MD5 cipher vulnerability.
+
20170111 p16 FreeBSD-SA-17:01.openssh
Fix multiple vulnerabilities of OpenSSH.
diff --git a/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c b/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c
index 2da1117..ca53913 100644
--- a/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c
+++ b/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c
@@ -267,6 +267,8 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
len = p[arg - 2] << 8 | p[arg - 1];
if (!ctx->encrypt) {
+ if (len < MD5_DIGEST_LENGTH)
+ return -1;
len -= MD5_DIGEST_LENGTH;
p[arg - 2] = len >> 8;
p[arg - 1] = len;
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 581ada0..0cf9277 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="10.3"
-BRANCH="RELEASE-p16"
+BRANCH="RELEASE-p17"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
OpenPOWER on IntegriCloud