[Pkg-gnutls-commits] r827 - in /packages/gnutls26/branches/branch2.4.2-6lenny/debian: changelog patches/27_fix_openpgp.diff

ametzler at users.alioth.debian.org ametzler at users.alioth.debian.org
Sat Jan 9 14:29:53 UTC 2010 

Author: ametzler
Date: Sat Jan  9 14:29:53 2010
New Revision: 827

URL: http://svn.debian.org/wsvn/pkg-gnutls/?sc=1&rev=827
Log:
CVE-2009-2730 fix breaks openpgp auth. 27_fix_openpgp.diff

Added:
    packages/gnutls26/branches/branch2.4.2-6lenny/debian/patches/27_fix_openpgp.diff
Modified:
    packages/gnutls26/branches/branch2.4.2-6lenny/debian/changelog

Modified: packages/gnutls26/branches/branch2.4.2-6lenny/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/gnutls26/branches/branch2.4.2-6lenny/debian/changelog?rev=827&op=diff
==============================================================================
--- packages/gnutls26/branches/branch2.4.2-6lenny/debian/changelog (original)
+++ packages/gnutls26/branches/branch2.4.2-6lenny/debian/changelog Sat Jan  9 14:29:53 2010
@@ -3,6 +3,7 @@
   * NOT RELEASED YET
   * Finally add an entry to the NEWS.Debian file concerning the deprecation of
     RSA-MD2 and RSA-MD5 for signature verification. Closes: #514578
+  * CVE-2009-2730 fix breaks openpgp auth. 27_fix_openpgp.diff
 
  -- Andreas Metzler <ametzler at debian.org>  Sat, 09 Jan 2010 15:21:54 +0100
 

Added: packages/gnutls26/branches/branch2.4.2-6lenny/debian/patches/27_fix_openpgp.diff
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/gnutls26/branches/branch2.4.2-6lenny/debian/patches/27_fix_openpgp.diff?rev=827&op=file
==============================================================================
--- packages/gnutls26/branches/branch2.4.2-6lenny/debian/patches/27_fix_openpgp.diff (added)
+++ packages/gnutls26/branches/branch2.4.2-6lenny/debian/patches/27_fix_openpgp.diff Sat Jan  9 14:29:53 2010
@@ -1,0 +1,24 @@
+Patch 
+http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=9eed44b4ef9538117cc134956b32bc8fd39534fd
+unfuzzed for different tab/space in 2.4.x.
+
+http://lists.gnu.org/archive/html/gnutls-devel/2009-08/msg00093.html
+
+---
+diff --git a/lib/openpgp/pgp.c b/lib/openpgp/pgp.c
+index 8018ced..aa2a235 100644
+--- a/lib/openpgp/pgp.c
++++ b/lib/openpgp/pgp.c
+@@ -589,6 +589,10 @@ gnutls_openpgp_crt_check_hostname (gnutls_openpgp_crt_t key,
+       
+       if (ret == 0)
+         {
++	  /* Length returned by gnutls_openpgp_crt_get_name includes
++	     the terminating zero. */
++	  dnsnamesize--;
++
+           if (_gnutls_hostname_compare (dnsname, dnsnamesize, hostname))
+             return 1;
+         }
+--
+cgit v0.8.2.1

More information about the Pkg-gnutls-commits mailing list