From a14c935aff42f07a488ab383be0b387d33183dd5 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Apr 10 2018 05:14:17 +0000 Subject: import openssl-1.0.2k-12.el7 --- diff --git a/SOURCES/openssl-1.0.2k-cve-2017-3736.patch b/SOURCES/openssl-1.0.2k-cve-2017-3736.patch new file mode 100644 index 0000000..6fc0491 --- /dev/null +++ b/SOURCES/openssl-1.0.2k-cve-2017-3736.patch @@ -0,0 +1,43 @@ +From 38d600147331d36e74174ebbd4008b63188b321b Mon Sep 17 00:00:00 2001 +From: Andy Polyakov +Date: Thu, 17 Aug 2017 21:08:57 +0200 +Subject: [PATCH] bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqrx8x_internal. + +Credit to OSS-Fuzz for finding this. + +CVE-2017-3736 + +Reviewed-by: Rich Salz +--- + crypto/bn/asm/x86_64-mont5.pl | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/crypto/bn/asm/x86_64-mont5.pl b/crypto/bn/asm/x86_64-mont5.pl +index 3bb0cdf..42178e4 100755 +--- a/crypto/bn/asm/x86_64-mont5.pl ++++ b/crypto/bn/asm/x86_64-mont5.pl +@@ -3090,11 +3090,19 @@ $code.=<<___; + + .align 32 + .Lsqrx8x_break: +- sub 16+8(%rsp),%r8 # consume last carry ++ xor $zero,$zero ++ sub 16+8(%rsp),%rbx # mov 16(%rsp),%cf ++ adcx $zero,%r8 + mov 24+8(%rsp),$carry # initial $tptr, borrow $carry ++ adcx $zero,%r9 + mov 0*8($aptr),%rdx # a[8], modulo-scheduled +- xor %ebp,%ebp # xor $zero,$zero ++ adc \$0,%r10 + mov %r8,0*8($tptr) ++ adc \$0,%r11 ++ adc \$0,%r12 ++ adc \$0,%r13 ++ adc \$0,%r14 ++ adc \$0,%r15 + cmp $carry,$tptr # cf=0, of=0 + je .Lsqrx8x_outer_loop + +-- +2.9.5 + diff --git a/SOURCES/openssl-1.0.2k-cve-2017-3737.patch b/SOURCES/openssl-1.0.2k-cve-2017-3737.patch new file mode 100644 index 0000000..0f6f462 --- /dev/null +++ b/SOURCES/openssl-1.0.2k-cve-2017-3737.patch 
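Review bot: The carry chain added under `.Lsqrx8x_break` has no comment saying why the carry now has to run through `%r8`..`%r15`; the only hint is `# mov 16(%rsp),%cf` on the `sub`. The removed line folded the saved carry into `%r8` alone, so I would add above the `xor` a comment such as `# saved carry must ripple through all eight limbs %r8..%r15, not only %r8`. The patch touches only `x86_64-mont5.pl` and carries no regression vector, so a bignum test case that exercises this squaring path would help keep the fix from being lost in a later rebase. The surrounding perlasm block starts and ends outside the hunk.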
@@ -0,0 +1,232 @@ +diff -up openssl-1.0.2k/ssl/fatalerrtest.c.ssl-err openssl-1.0.2k/ssl/fatalerrtest.c +--- openssl-1.0.2k/ssl/fatalerrtest.c.ssl-err 2017-12-13 14:17:46.730350538 +0100 ++++ openssl-1.0.2k/ssl/fatalerrtest.c 2017-12-13 14:18:54.879940227 +0100 +@@ -0,0 +1,109 @@ ++/* ++ * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the OpenSSL license (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include "ssltestlib.h" ++ ++int main(int argc, char *argv[]) ++{ ++ SSL_CTX *sctx = NULL, *cctx = NULL; ++ SSL *sssl = NULL, *cssl = NULL; ++ const char *msg = "Dummy"; ++ BIO *err = NULL, *wbio = NULL; ++ int ret = 1, len; ++ char buf[80]; ++ unsigned char dummyrec[] = { ++ 0x17, 0x03, 0x03, 0x00, 0x05, 'D', 'u', 'm', 'm', 'y' ++ }; ++ ++ if (argc != 3) { ++ printf("Incorrect number of parameters\n"); ++ return 1; ++ } ++ ++ SSL_library_init(); ++ SSL_load_error_strings(); ++ err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); ++ CRYPTO_malloc_debug_init(); ++ CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); ++ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); ++ ++ if (!create_ssl_ctx_pair(SSLv23_method(), SSLv23_method(), &sctx, &cctx, ++ argv[1], argv[2])) { ++ printf("Failed to create SSL_CTX pair\n"); ++ goto err; ++ } ++ ++ /* ++ * Deliberately set the cipher lists for client and server to be different ++ * to force a handshake failure. 
++ */ ++ if (!SSL_CTX_set_cipher_list(sctx, "AES128-SHA") ++ || !SSL_CTX_set_cipher_list(cctx, "AES256-SHA")) { ++ printf("Failed to set cipher lists\n"); ++ goto err; ++ } ++ ++ if (!create_ssl_objects(sctx, cctx, &sssl, &cssl, NULL, NULL)) { ++ printf("Failed to create SSL objectx\n"); ++ goto err; ++ } ++ ++ wbio = SSL_get_wbio(cssl); ++ if (wbio == NULL) { ++ printf("Unexpected NULL bio received\n"); ++ goto err; ++ } ++ ++ if (create_ssl_connection(sssl, cssl)) { ++ printf("Unexpected success creating a connection\n"); ++ goto err; ++ } ++ ++ ERR_clear_error(); ++ ++ /* Inject a plaintext record from client to server */ ++ if (BIO_write(wbio, dummyrec, sizeof(dummyrec)) <= 0) { ++ printf("Unexpected failure injecting dummy record\n"); ++ goto err; ++ } ++ ++ /* SSL_read()/SSL_write should fail because of a previous fatal error */ ++ if ((len = SSL_read(sssl, buf, sizeof(buf) - 1)) > 0) { ++ buf[len] = '\0'; ++ printf("Unexpected success reading data: %s\n", buf); ++ goto err; ++ } ++ if (SSL_write(sssl, msg, strlen(msg)) > 0) { ++ printf("Unexpected success writing data\n"); ++ goto err; ++ } ++ ++ ret = 0; ++ err: ++ SSL_free(sssl); ++ SSL_free(cssl); ++ SSL_CTX_free(sctx); ++ SSL_CTX_free(cctx); ++ ERR_print_errors_fp(stderr); ++ ++ if (ret) { ++ printf("Fatal err test: FAILED\n"); ++ } ++ ++ ERR_free_strings(); ++ ERR_remove_thread_state(NULL); ++ EVP_cleanup(); ++ CRYPTO_cleanup_all_ex_data(); ++ CRYPTO_mem_leaks(err); ++ BIO_free(err); ++ ++ return ret; ++} +diff -up openssl-1.0.2k/ssl/Makefile.ssl-err openssl-1.0.2k/ssl/Makefile +--- openssl-1.0.2k/ssl/Makefile.ssl-err 2017-03-09 17:59:42.832617740 +0100 ++++ openssl-1.0.2k/ssl/Makefile 2017-12-13 14:17:46.729350514 +0100 +@@ -15,7 +15,8 @@ KRB5_INCLUDES= + CFLAGS= $(INCLUDES) $(CFLAG) + + GENERAL=Makefile README ssl-lib.com install.com +-TEST=ssltest.c heartbeat_test.c clienthellotest.c sslv2conftest.c dtlstest.c bad_dtls_test.c ++TEST=ssltest.c heartbeat_test.c clienthellotest.c sslv2conftest.c 
dtlstest.c \ ++ bad_dtls_test.c fatalerrtest.c + APPS= + + LIB=$(TOP)/libssl.a +diff -up openssl-1.0.2k/ssl/ssl.h.ssl-err openssl-1.0.2k/ssl/ssl.h +--- openssl-1.0.2k/ssl/ssl.h.ssl-err 2017-03-09 17:59:26.177229502 +0100 ++++ openssl-1.0.2k/ssl/ssl.h 2017-12-13 14:17:07.341431733 +0100 +@@ -1683,7 +1683,7 @@ extern "C" { + # define SSL_ST_BEFORE 0x4000 + # define SSL_ST_OK 0x03 + # define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT) +-# define SSL_ST_ERR 0x05 ++# define SSL_ST_ERR (0x05|SSL_ST_INIT) + + # define SSL_CB_LOOP 0x01 + # define SSL_CB_EXIT 0x02 +diff -up openssl-1.0.2k/test/Makefile.ssl-err openssl-1.0.2k/test/Makefile +--- openssl-1.0.2k/test/Makefile.ssl-err 2017-03-09 17:59:45.580681798 +0100 ++++ openssl-1.0.2k/test/Makefile 2017-12-13 14:17:46.731350561 +0100 +@@ -73,6 +73,7 @@ CLIENTHELLOTEST= clienthellotest + BADDTLSTEST= bad_dtls_test + SSLV2CONFTEST = sslv2conftest + DTLSTEST = dtlstest ++FATALERRTEST = fatalerrtest + + TESTS= alltests + +@@ -87,7 +88,7 @@ EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_ + $(ASN1TEST)$(EXE_EXT) $(V3NAMETEST)$(EXE_EXT) $(HEARTBEATTEST)$(EXE_EXT) \ + $(CONSTTIMETEST)$(EXE_EXT) $(VERIFYEXTRATEST)$(EXE_EXT) \ + $(CLIENTHELLOTEST)$(EXE_EXT) $(SSLV2CONFTEST)$(EXE_EXT) $(DTLSTEST)$(EXE_EXT) \ +- $(BADDTLSTEST)$(EXE_EXT) ++ $(BADDTLSTEST)$(EXE_EXT) $(FATALERRTEST)$(EXE_EXT) + + # $(METHTEST)$(EXE_EXT) + +@@ -102,7 +103,7 @@ OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATES + $(EVPTEST).o $(EVPEXTRATEST).o $(IGETEST).o $(JPAKETEST).o $(ASN1TEST).o $(V3NAMETEST).o \ + $(HEARTBEATTEST).o $(CONSTTIMETEST).o $(VERIFYEXTRATEST).o \ + $(CLIENTHELLOTEST).o $(SSLV2CONFTEST).o $(DTLSTEST).o ssltestlib.o \ +- $(BADDTLSTEST).o ++ $(BADDTLSTEST).o $(FATALERRTEST).o + + SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \ + $(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \ +@@ -114,7 +115,7 @@ SRC= $(BNTEST).c $(ECTEST).c $(ECDSATES + $(EVPTEST).c $(EVPEXTRATEST).c $(IGETEST).c $(JPAKETEST).c $(SRPTEST).c $(ASN1TEST).c \ + $(V3NAMETEST).c 
$(HEARTBEATTEST).c $(CONSTTIMETEST).c $(VERIFYEXTRATEST).c \ + $(CLIENTHELLOTEST).c $(SSLV2CONFTEST).c $(DTLSTEST).c ssltestlib.c \ +- $(BADDTLSTEST).c ++ $(BADDTLSTEST).c $(FATALERRTEST).c + + EXHEADER= + HEADER= testutil.h ssltestlib.h $(EXHEADER) +@@ -159,7 +160,7 @@ alltests: \ + test_ss test_ca test_engine test_evp test_evp_extra test_ssl test_tsa test_ige \ + test_jpake test_srp test_cms test_ocsp test_v3name test_heartbeat \ + test_constant_time test_verify_extra test_clienthello test_sslv2conftest \ +- test_dtls test_bad_dtls ++ test_dtls test_bad_dtls test_fatalerr + + test_evp: $(EVPTEST)$(EXE_EXT) evptests.txt + ../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt +@@ -372,6 +373,10 @@ test_bad_dtls: $(BADDTLSTEST)$(EXE_EXT) + @echo $(START) $@ + ../util/shlib_wrap.sh ./$(BADDTLSTEST) + ++test_fatalerr: $(FATALERRTEST)$(EXE_EXT) ++ @echo $(START) $@ ++ ../util/shlib_wrap.sh ./$(FATALERRTEST) ../apps/server.pem ../apps/server.pem ++ + test_sslv2conftest: $(SSLV2CONFTEST)$(EXE_EXT) + @echo $(START) $@ + ../util/shlib_wrap.sh ./$(SSLV2CONFTEST) +@@ -560,6 +565,9 @@ $(CLIENTHELLOTEST)$(EXE_EXT): $(CLIENTHE + $(BADDTLSTEST)$(EXE_EXT): $(BADDTLSTEST).o + @target=$(BADDTLSTEST) $(BUILD_CMD) + ++$(FATALERRTEST)$(EXE_EXT): $(FATALERRTEST).o ssltestlib.o $(DLIBSSL) $(DLIBCRYPTO) ++ @target=$(FATALERRTEST); exobj=ssltestlib.o; $(BUILD_CMD) ++ + $(SSLV2CONFTEST)$(EXE_EXT): $(SSLV2CONFTEST).o + @target=$(SSLV2CONFTEST) $(BUILD_CMD) + +@@ -779,6 +787,25 @@ exptest.o: ../include/openssl/opensslcon + exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h + exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h + exptest.o: ../include/openssl/symhacks.h exptest.c ++fatalerrtest.o: ../include/openssl/asn1.h ../include/openssl/bio.h ++fatalerrtest.o: ../include/openssl/buffer.h ../include/openssl/comp.h ++fatalerrtest.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h ++fatalerrtest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h 
++fatalerrtest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h ++fatalerrtest.o: ../include/openssl/err.h ../include/openssl/evp.h ++fatalerrtest.o: ../include/openssl/hmac.h ../include/openssl/kssl.h ++fatalerrtest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h ++fatalerrtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h ++fatalerrtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h ++fatalerrtest.o: ../include/openssl/pem.h ../include/openssl/pem2.h ++fatalerrtest.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h ++fatalerrtest.o: ../include/openssl/safestack.h ../include/openssl/sha.h ++fatalerrtest.o: ../include/openssl/srtp.h ../include/openssl/ssl.h ++fatalerrtest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h ++fatalerrtest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h ++fatalerrtest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h ++fatalerrtest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ++fatalerrtest.o: fatalerrtest.c ssltestlib.h + heartbeat_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h + heartbeat_test.o: ../include/openssl/buffer.h ../include/openssl/comp.h + heartbeat_test.o: ../include/openssl/crypto.h ../include/openssl/dsa.h diff --git a/SOURCES/openssl-1.0.2k-cve-2017-3738.patch b/SOURCES/openssl-1.0.2k-cve-2017-3738.patch new file mode 100644 index 0000000..e8b6ba5 --- /dev/null +++ b/SOURCES/openssl-1.0.2k-cve-2017-3738.patch 
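Review bot: The two negative checks in `fatalerrtest.c` only test `SSL_read(...) > 0` and `SSL_write(...) > 0`, so the test also passes when the call fails for an unrelated or retryable reason, for example if the injected record never reached the server side. To pin the behaviour that the `SSL_ST_ERR` change in `ssl.h` is meant to give, I would also check the error class after the read, e.g. `if (SSL_get_error(sssl, len) != SSL_ERROR_SSL) { printf("Unexpected error class\n"); goto err; }`, assuming the error state reports as `SSL_ERROR_SSL` on this branch. The return value of `BIO_new_fp()` is not checked before `err` is passed to `CRYPTO_mem_leaks()`. The message `"Failed to create SSL objectx\n"` should read `objects`.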
@@ -0,0 +1,80 @@ +From ca51bafc1a88d8b8348f5fd97adc5d6ca93f8e76 Mon Sep 17 00:00:00 2001 +From: Andy Polyakov +Date: Fri, 24 Nov 2017 11:35:50 +0100 +Subject: [PATCH] bn/asm/rsaz-avx2.pl: fix digit correction bug in + rsaz_1024_mul_avx2. + +Credit to OSS-Fuzz for finding this. + +CVE-2017-3738 + +Reviewed-by: Rich Salz +--- + crypto/bn/asm/rsaz-avx2.pl | 15 +++++++-------- + 1 file changed, 7 insertions(+), 8 deletions(-) + +diff --git a/crypto/bn/asm/rsaz-avx2.pl b/crypto/bn/asm/rsaz-avx2.pl +index 712a77f..2b3f8b0 100755 +--- a/crypto/bn/asm/rsaz-avx2.pl ++++ b/crypto/bn/asm/rsaz-avx2.pl +@@ -239,7 +239,7 @@ $code.=<<___; + vmovdqu 32*8-128($ap), $ACC8 + + lea 192(%rsp), $tp0 # 64+128=192 +- vpbroadcastq .Land_mask(%rip), $AND_MASK ++ vmovdqu .Land_mask(%rip), $AND_MASK + jmp .LOOP_GRANDE_SQR_1024 + + .align 32 +@@ -1070,10 +1070,10 @@ $code.=<<___; + vpmuludq 32*6-128($np),$Yi,$TEMP1 + vpaddq $TEMP1,$ACC6,$ACC6 + vpmuludq 32*7-128($np),$Yi,$TEMP2 +- vpblendd \$3, $ZERO, $ACC9, $ACC9 # correct $ACC3 ++ vpblendd \$3, $ZERO, $ACC9, $TEMP1 # correct $ACC3 + vpaddq $TEMP2,$ACC7,$ACC7 + vpmuludq 32*8-128($np),$Yi,$TEMP0 +- vpaddq $ACC9, $ACC3, $ACC3 # correct $ACC3 ++ vpaddq $TEMP1, $ACC3, $ACC3 # correct $ACC3 + vpaddq $TEMP0,$ACC8,$ACC8 + + mov %rbx, %rax +@@ -1086,7 +1086,9 @@ $code.=<<___; + vmovdqu -8+32*2-128($ap),$TEMP2 + + mov $r1, %rax ++ vpblendd \$0xfc, $ZERO, $ACC9, $ACC9 # correct $ACC3 + imull $n0, %eax ++ vpaddq $ACC9,$ACC4,$ACC4 # correct $ACC3 + and \$0x1fffffff, %eax + + imulq 16-128($ap),%rbx +@@ -1322,15 +1324,12 @@ ___ + # But as we underutilize resources, it's possible to correct in + # each iteration with marginal performance loss. But then, as + # we do it in each iteration, we can correct less digits, and +-# avoid performance penalties completely. Also note that we +-# correct only three digits out of four. This works because +-# most significant digit is subjected to less additions. ++# avoid performance penalties completely. 
+ + $TEMP0 = $ACC9; + $TEMP3 = $Bi; + $TEMP4 = $Yi; + $code.=<<___; +- vpermq \$0, $AND_MASK, $AND_MASK + vpaddq (%rsp), $TEMP1, $ACC0 + + vpsrlq \$29, $ACC0, $TEMP1 +@@ -1763,7 +1762,7 @@ $code.=<<___; + + .align 64 + .Land_mask: +- .quad 0x1fffffff,0x1fffffff,0x1fffffff,-1 ++ .quad 0x1fffffff,0x1fffffff,0x1fffffff,0x1fffffff + .Lscatter_permd: + .long 0,2,4,6,7,7,7,7 + .Lgather_permd: +-- +2.9.5 + diff --git a/SOURCES/openssl-1.0.2k-fips-randlock.patch b/SOURCES/openssl-1.0.2k-fips-randlock.patch new file mode 100644 index 0000000..8b08ef4 --- /dev/null +++ b/SOURCES/openssl-1.0.2k-fips-randlock.patch 
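Review bot: Both instructions added after `mov $r1, %rax` carry the comment `# correct $ACC3`, but the second one, `vpaddq $ACC9,$ACC4,$ACC4`, adds into `$ACC4`, so the comment misleads anyone auditing the digit correction. I would reword the pair to say what each does, e.g. `# keep low digit of $ACC9` on the `vpblendd \$0xfc` and `# correct $ACC4` on the `vpaddq`. The block comment near line 1322 loses its "three digits out of four" sentences without a replacement. Since `.Land_mask` now holds `0x1fffffff` in all four lanes, one sentence stating that all four digits are masked would keep the explanation in step with the code. The enclosing perlasm sections start and end outside these hunks.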
@@ -0,0 +1,65 @@ +diff -up openssl-1.0.2k/crypto/fips/fips_drbg_lib.c.fips-randlock openssl-1.0.2k/crypto/fips/fips_drbg_lib.c +--- openssl-1.0.2k/crypto/fips/fips_drbg_lib.c.fips-randlock 2017-03-09 17:59:26.249231181 +0100 ++++ openssl-1.0.2k/crypto/fips/fips_drbg_lib.c 2017-11-16 09:16:06.188098078 +0100 +@@ -338,6 +338,12 @@ int FIPS_drbg_reseed(DRBG_CTX *dctx, + return drbg_reseed(dctx, adin, adinlen, 1); + } + ++void FIPS_drbg_set_reseed(DRBG_CTX *dctx) ++{ ++ if (dctx->status == DRBG_STATUS_READY) ++ dctx->reseed_counter = dctx->reseed_interval; ++} ++ + static int fips_drbg_check(DRBG_CTX *dctx) + { + if (dctx->xflags & DRBG_FLAG_TEST) +diff -up openssl-1.0.2k/crypto/fips/fips_rand.h.fips-randlock openssl-1.0.2k/crypto/fips/fips_rand.h +--- openssl-1.0.2k/crypto/fips/fips_rand.h.fips-randlock 2017-03-09 17:59:26.252231250 +0100 ++++ openssl-1.0.2k/crypto/fips/fips_rand.h 2017-11-07 10:06:40.241450151 +0100 +@@ -86,6 +86,7 @@ extern "C" { + const unsigned char *pers, size_t perslen); + int FIPS_drbg_reseed(DRBG_CTX *dctx, const unsigned char *adin, + size_t adinlen); ++ void FIPS_drbg_set_reseed(DRBG_CTX *dctx); + int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen, + int prediction_resistance, + const unsigned char *adin, size_t adinlen); +diff -up openssl-1.0.2k/crypto/rand/md_rand.c.fips-randlock openssl-1.0.2k/crypto/rand/md_rand.c +--- openssl-1.0.2k/crypto/rand/md_rand.c.fips-randlock 2017-03-09 17:59:26.255231320 +0100 ++++ openssl-1.0.2k/crypto/rand/md_rand.c 2017-12-06 09:20:23.615879425 +0100 +@@ -391,10 +391,10 @@ int ssleay_rand_bytes(unsigned char *buf + CRYPTO_w_unlock(CRYPTO_LOCK_RAND2); + crypto_lock_rand = 1; + +- /* always poll for external entropy in FIPS mode, drbg provides the +- * expansion ++ /* always poll for external entropy in FIPS mode, if run as seed ++ * source, drbg provides the expansion + */ +- if (!initialized || FIPS_module_mode()) { ++ if (!initialized || (!lock && FIPS_module_mode())) { + RAND_poll(); 
+ initialized = 1; + } +diff -up openssl-1.0.2k/crypto/rand/rand_lib.c.fips-randlock openssl-1.0.2k/crypto/rand/rand_lib.c +--- openssl-1.0.2k/crypto/rand/rand_lib.c.fips-randlock 2017-03-09 17:59:26.292232183 +0100 ++++ openssl-1.0.2k/crypto/rand/rand_lib.c 2017-11-07 10:20:08.050403861 +0100 +@@ -238,7 +238,7 @@ static int drbg_rand_add(DRBG_CTX *ctx, + RAND_SSLeay()->add(in, inlen, entropy); + if (FIPS_rand_status()) { + CRYPTO_w_lock(CRYPTO_LOCK_RAND); +- FIPS_drbg_reseed(ctx, NULL, 0); ++ FIPS_drbg_set_reseed(ctx); + CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + } + return 1; +@@ -249,7 +249,7 @@ static int drbg_rand_seed(DRBG_CTX *ctx, + RAND_SSLeay()->seed(in, inlen); + if (FIPS_rand_status()) { + CRYPTO_w_lock(CRYPTO_LOCK_RAND); +- FIPS_drbg_reseed(ctx, NULL, 0); ++ FIPS_drbg_set_reseed(ctx); + CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + } + return 1; diff --git a/SPECS/openssl.spec b/SPECS/openssl.spec index b86a4e9..f65ee91 100644 --- a/SPECS/openssl.spec +++ b/SPECS/openssl.spec @@ -23,7 +23,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 1.0.2k -Release: 8%{?dist} +Release: 12%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -86,6 +86,7 @@ Patch95: openssl-1.0.2e-remove-nistp224.patch Patch96: openssl-1.0.2e-speed-doc.patch Patch97: openssl-1.0.2k-no-ssl2.patch Patch98: openssl-1.0.2k-long-hello.patch +Patch99: openssl-1.0.2k-fips-randlock.patch # Backported fixes including security fixes Patch80: openssl-1.0.2e-wrap-pad.patch Patch81: openssl-1.0.2a-padlock64.patch 
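Review bot: `FIPS_drbg_set_reseed()` is added to `fips_rand.h` and `fips_drbg_lib.c` without any comment, although its contract differs from the `FIPS_drbg_reseed(ctx, NULL, 0)` call it replaces in `drbg_rand_add()` and `drbg_rand_seed()`. It only sets `reseed_counter` to `reseed_interval`, does nothing unless the status is `DRBG_STATUS_READY`, and returns no result. Entropy passed through the add/seed callbacks therefore reaches the DRBG at a later generate call rather than at once; exactly which call depends on how the generate path tests the counter, which is not visible here. I would document this above the function, e.g. `/* Request a reseed on a later generate call; does not reseed now, no-op unless the DRBG is READY. */`, and state whether `dctx` may be NULL. The rewritten comment in `md_rand.c` still opens with "always poll" although the condition is now `!lock && FIPS_module_mode()`; `lock` is defined outside the hunk.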
@@ -93,6 +94,9 @@ Patch82: openssl-1.0.2i-trusted-first-doc.patch Patch83: openssl-1.0.2k-backports.patch Patch84: openssl-1.0.2k-ppc-update.patch Patch85: openssl-1.0.2k-req-x509.patch +Patch86: openssl-1.0.2k-cve-2017-3736.patch +Patch87: openssl-1.0.2k-cve-2017-3737.patch +Patch88: openssl-1.0.2k-cve-2017-3738.patch License: OpenSSL Group: System Environment/Libraries @@ -211,6 +215,7 @@ cp %{SOURCE12} %{SOURCE13} crypto/ec/ %patch96 -p1 -b .speed-doc %patch97 -p1 -b .no-ssl2 %patch98 -p1 -b .long-hello +%patch99 -p1 -b .randlock %patch80 -p1 -b .wrap %patch81 -p1 -b .padlock64 @@ -218,6 +223,9 @@ cp %{SOURCE12} %{SOURCE13} crypto/ec/ %patch83 -p1 -b .backports %patch84 -p1 -b .ppc-update %patch85 -p1 -b .req-x509 +%patch86 -p1 -b .mont5-carry +%patch87 -p1 -b .ssl-err +%patch88 -p1 -b .rsaz-overflow sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h @@ -517,6 +525,16 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* %postun libs -p /sbin/ldconfig %changelog +* Wed Dec 13 2017 Tomáš Mráz 1.0.2k-12 +- fix CVE-2017-3737 - incorrect handling of fatal error state +- fix CVE-2017-3738 - AVX2 Montgomery multiplication bug with 1024 bit modulus + +* Wed Dec 6 2017 Tomáš Mráz 1.0.2k-11 +- fix deadlock in RNG in the FIPS mode in mariadb + +* Tue Nov 7 2017 Tomáš Mráz 1.0.2k-9 +- fix CVE-2017-3736 - carry propagation bug in Montgomery multiplication + * Wed May 17 2017 Tomáš Mráz 1.0.2k-8 - fix regression in openssl req -x509 command (#1450015)