[Pkg-voip-commits] [asterisk] 05/10: AST-2015-003: Fix TLS Certificate Common name NULL byte exploit (CVE-2015-3008)

Bernhard Schmidt berni at moszumanska.debian.org
Sun Oct 23 19:48:53 UTC 2016


This is an automated email from the git hooks/post-receive script.

berni pushed a commit to branch jessie
in repository asterisk.

commit 8b332fb506603edf0a484686e8afa4bc5cc7d2ce
Author: Bernhard Schmidt <berni at debian.org>
Date:   Sat Oct 8 22:49:10 2016 +0200

    AST-2015-003: Fix TLS Certificate Common name NULL byte exploit (CVE-2015-3008)
    
    Closes: #782411
---
 debian/patches/AST-2015-003-11.diff | 22 ++++++++++++++++++++++
 debian/patches/series               |  1 +
 2 files changed, 23 insertions(+)

diff --git a/debian/patches/AST-2015-003-11.diff b/debian/patches/AST-2015-003-11.diff
new file mode 100644
index 0000000..c63c80c
--- /dev/null
+++ b/debian/patches/AST-2015-003-11.diff
@@ -0,0 +1,22 @@
+Index: main/tcptls.c
+===================================================================
+--- main/tcptls.c	(revision 433025)
++++ main/tcptls.c	(working copy)
+@@ -639,9 +639,15 @@
+ 							break;
+ 						}
+ 						str = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, pos));
+-						ASN1_STRING_to_UTF8(&str2, str);
++						ret = ASN1_STRING_to_UTF8(&str2, str);
++						if (ret < 0) {
++							continue;
++						}
++
+ 						if (str2) {
+-							if (!strcasecmp(tcptls_session->parent->hostname, (char *) str2)) {
++							if (strlen((char *) str2) != ret) {
++								ast_log(LOG_WARNING, "Invalid certificate common name length (contains NULL bytes?)\n");
++							} else if (!strcasecmp(tcptls_session->parent->hostname, (char *) str2)) {
+ 								found = 1;
+ 							}
+ 							ast_debug(3, "SSL Common Name compare s1='%s' s2='%s'\n", tcptls_session->parent->hostname, str2);
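Review bot: The new debian/patches/AST-2015-003-11.diff carries no DEP-3 header, so the quilt patch records neither its upstream origin nor the bug it closes; a short header at the top of the file (Description: AST-2015-003: reject TLS certificate common names containing NUL bytes / Bug-Debian: https://bugs.debian.org/782411 / Origin: upstream AST-2015-003 advisory patch for Asterisk 11) would make that traceable from the patch itself rather than only from this commit message. On the code itself, the hunk assigns to `ret` but its declaration is outside the shown context, so confirm an `int ret` is in scope in this function in the Debian-packaged tree and that the patch applies cleanly at the offsets from upstream revision 433025. The logic is sound: ASN1_STRING_to_UTF8 returns the byte length of the converted string (negative on error), so a `strlen()` shorter than `ret` is exactly the signature of an embedded NUL in the common name, and the `continue` on `ret < 0` leaves `str2` untouched for that entry; note that after the LOG_WARNING branch the code still falls through to the `ast_debug` compare line, which is harmless but will print only the prefix before the NUL.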
diff --git a/debian/patches/series b/debian/patches/series
index 54ab075..4bb9802 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -39,4 +39,5 @@ AST-2014-014.patch
 AST-2014-017.patch
 AST-2014-018.patch
 AST-2014-019.patch
+AST-2015-003-11.diff
 AST-2016-007.patch
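Review bot: The new series entry uses a `.diff` suffix while every neighbouring entry (AST-2014-019.patch, AST-2016-007.patch) uses `.patch`; renaming to AST-2015-003-11.patch, or at least noting why the upstream file name was kept, would keep the series consistent and easier to grep. Inserting it before AST-2016-007.patch is correct chronologically, but since AST-2016-007 also touches TLS code, verify that the full series still applies without fuzz after this insertion.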

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-voip/asterisk.git



