[Pkg-gnupg-commit] r305 - in /gnupg/branches/squeeze/debian: changelog patches/00list patches/CVE-2012-6085.dpatch

thijs at users.alioth.debian.org thijs at users.alioth.debian.org
Wed Jan 2 19:46:44 UTC 2013 

Author: thijs
Date: Wed Jan  2 19:46:44 2013
New Revision: 305

URL: http://svn.debian.org/wsvn/pkg-gnupg/?sc=1&rev=305
Log:
Apply upstream patch to fix memory and key database corruption
when importing with invalid keys (CVE-2012-6085, closes: #697108).

Added:
    gnupg/branches/squeeze/debian/patches/CVE-2012-6085.dpatch   (with props)
Modified:
    gnupg/branches/squeeze/debian/changelog
    gnupg/branches/squeeze/debian/patches/00list

Modified: gnupg/branches/squeeze/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnupg/gnupg/branches/squeeze/debian/changelog?rev=305&op=diff
==============================================================================
--- gnupg/branches/squeeze/debian/changelog (original)
+++ gnupg/branches/squeeze/debian/changelog Wed Jan  2 19:46:44 2013
@@ -1,3 +1,10 @@
+gnupg (1.4.10-4+squeeze1) stable-security; urgency=high
+
+  * Apply upstream patch to fix memory and key database corruption
+    when importing with invalid keys (CVE-2012-6085, closes: #697108).
+
+ -- Thijs Kinkhorst <thijs at debian.org>  Wed, 02 Jan 2013 20:43:39 +0100
+
 gnupg (1.4.10-4) unstable; urgency=high
 
   * debian/patches/mips_gcc4.4: added to fix build failure on

Modified: gnupg/branches/squeeze/debian/patches/00list
URL: http://svn.debian.org/wsvn/pkg-gnupg/gnupg/branches/squeeze/debian/patches/00list?rev=305&op=diff
==============================================================================
--- gnupg/branches/squeeze/debian/patches/00list (original)
+++ gnupg/branches/squeeze/debian/patches/00list Wed Jan  2 19:46:44 2013
@@ -7,3 +7,4 @@
 567593_improve_info_and_faq
 fix_infinite_loop_r5264
 mips_gcc4.4
+CVE-2012-6085

Added: gnupg/branches/squeeze/debian/patches/CVE-2012-6085.dpatch
URL: http://svn.debian.org/wsvn/pkg-gnupg/gnupg/branches/squeeze/debian/patches/CVE-2012-6085.dpatch?rev=305&op=file
==============================================================================
--- gnupg/branches/squeeze/debian/patches/CVE-2012-6085.dpatch (added)
+++ gnupg/branches/squeeze/debian/patches/CVE-2012-6085.dpatch Wed Jan  2 19:46:44 2013
@@ -1,0 +1,47 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## mips_gcc4.4 by Werner Koch
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fix memory and key database corruption on importing invalid keys
+## DP: by rejecting invalid keyblock packet types.
+## DP: <URL:http://bugs.debian.org/697108>
+
+--- a/g10/import.c
++++ b/g10/import.c
+@@ -343,6 +343,27 @@ import_print_stats (void *hd)
+ }
+ 
+ 
++/* Return true if PKTTYPE is valid in a keyblock.  */
++static int
++valid_keyblock_packet (int pkttype)
++{
++  switch (pkttype)
++    {
++    case PKT_PUBLIC_KEY:
++    case PKT_PUBLIC_SUBKEY:
++    case PKT_SECRET_KEY:
++    case PKT_SECRET_SUBKEY:
++    case PKT_SIGNATURE:
++    case PKT_USER_ID:
++    case PKT_ATTRIBUTE:
++    case PKT_RING_TRUST:
++      return 1;
++    default:
++      return 0;
++    }
++}
++
++
+ /****************
+  * Read the next keyblock from stream A.
+  * PENDING_PKT should be initialzed to NULL
+@@ -420,7 +441,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
+ 	    }
+ 	    in_cert = 1;
+ 	  default:
+-	    if( in_cert ) {
++	    if (in_cert && valid_keyblock_packet (pkt->pkttype)) {
+ 		if( !root )
+ 		    root = new_kbnode( pkt );
+ 		else

Propchange: gnupg/branches/squeeze/debian/patches/CVE-2012-6085.dpatch
------------------------------------------------------------------------------
    svn:executable = *

More information about the Pkg-gnupg-commit mailing list