[pkg-opensc-commit] [SCM] OpenSC packaging branch, master, updated. 70dcae02e96340afe3b94add604b7f9c68b46706
Eric Dorland
eric at debian.org
Tue May 31 07:29:11 UTC 2011
The following commit has been merged in the master branch:
commit 2a6201f2f98692db7cc39fd2b2d1bddb7668365b
Author: Eric Dorland <eric at debian.org>
Date: Mon Apr 4 01:51:54 2011 -0400
debian/patches/CVE-2010-4523, debian/patches/min-max-macros, debian/patches/series: Remove now unnecessary patches.
diff --git a/debian/changelog b/debian/changelog
index 25fd665..99f2365 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,6 +8,8 @@ opensc (0.12.0-1) unstable; urgency=low
* debian/rules: Changelog no longer in a weird place.
* debian/source/options, debian/source/patch-header: Remove unnecessary
single-debian-patch setting.
+ * debian/patches/CVE-2010-4523, debian/patches/min-max-macros,
+ debian/patches/series: Remove now unnecessary patches.
--
diff --git a/debian/patches/CVE-2010-4523 b/debian/patches/CVE-2010-4523
deleted file mode 100644
index 9c0757d..0000000
--- a/debian/patches/CVE-2010-4523
+++ /dev/null
@@ -1,46 +0,0 @@
-Description: protect against possible buffer overflows from rogue cards
- (CVE-2010-4523)
-Origin: https://www.opensc-project.org/opensc/changeset/4913
-Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607427
-Forwarded: not-needed
-Last-Update: 2010-12-22
-
---- opensc-0.11.13.orig/src/libopensc/card-acos5.c
-+++ opensc-0.11.13/src/libopensc/card-acos5.c
-@@ -140,8 +140,8 @@
- /*
- * Cache serial number.
- */
-- memcpy(card->serialnr.value, apdu.resp, apdu.resplen);
-- card->serialnr.len = apdu.resplen;
-+ memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR));
-+ card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR);
-
- /*
- * Copy and return serial number.
---- opensc-0.11.13.orig/src/libopensc/card-atrust-acos.c
-+++ opensc-0.11.13/src/libopensc/card-atrust-acos.c
-@@ -853,8 +853,8 @@
- if (apdu.sw1 != 0x90 || apdu.sw2 != 0x00)
- return SC_ERROR_INTERNAL;
- /* cache serial number */
-- memcpy(card->serialnr.value, apdu.resp, apdu.resplen);
-- card->serialnr.len = apdu.resplen;
-+ memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR));
-+ card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR);
- /* copy and return serial number */
- memcpy(serial, &card->serialnr, sizeof(*serial));
- return SC_SUCCESS;
---- opensc-0.11.13.orig/src/libopensc/card-starcos.c
-+++ opensc-0.11.13/src/libopensc/card-starcos.c
-@@ -1289,8 +1289,8 @@
- if (apdu.sw1 != 0x90 || apdu.sw2 != 0x00)
- return SC_ERROR_INTERNAL;
- /* cache serial number */
-- memcpy(card->serialnr.value, apdu.resp, apdu.resplen);
-- card->serialnr.len = apdu.resplen;
-+ memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR));
-+ card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR);
- /* copy and return serial number */
- memcpy(serial, &card->serialnr, sizeof(*serial));
- return SC_SUCCESS;
diff --git a/debian/patches/min-max-macros b/debian/patches/min-max-macros
deleted file mode 100644
index ea8804a..0000000
--- a/debian/patches/min-max-macros
+++ /dev/null
@@ -1,38 +0,0 @@
-Description: move MIN/MAX macros from muscle.c to internal.h (needed for
- patch CVE-2010-4523)
-Origin: https://www.opensc-project.org/opensc/changeset/4912
-Forwarded: not-needed
-Last-Update: 2010-12-22
-
---- opensc-0.11.13.orig/src/libopensc/internal.h
-+++ opensc-0.11.13/src/libopensc/internal.h
-@@ -50,6 +50,13 @@
- #define sleep(t) Sleep((t) * 1000)
- #endif
-
-+#ifndef MAX
-+#define MAX(x, y) (((x) > (y)) ? (x) : (y))
-+#endif
-+#ifndef MIN
-+#define MIN(x, y) (((x) < (y)) ? (x) : (y))
-+#endif
-+
- struct sc_atr_table {
- /* The atr fields are required to
- * be in aa:bb:cc hex format. */
---- opensc-0.11.13.orig/src/libopensc/muscle.c
-+++ opensc-0.11.13/src/libopensc/muscle.c
-@@ -28,13 +28,6 @@
- #define MSC_DSA_PUBLIC 0x04
- #define MSC_DSA_PRIVATE 0x05
-
--#ifndef MAX
--#define MAX(x, y) (((x) > (y)) ? (x) : (y))
--#endif
--#ifndef MIN
--#define MIN(x, y) (((x) < (y)) ? (x) : (y))
--#endif
--
- static msc_id inputId = { { 0xFF, 0xFF, 0xFF, 0xFF } };
- static msc_id outputId = { { 0xFF, 0xFF, 0xFF, 0xFE } };
-
diff --git a/debian/patches/series b/debian/patches/series
deleted file mode 100644
index 0b02b2e..0000000
--- a/debian/patches/series
+++ /dev/null
@@ -1,2 +0,0 @@
-min-max-macros
-CVE-2010-4523
--
OpenSC packaging
More information about the pkg-opensc-commit
mailing list