[mcrypt/f17] apply fix for CVE-2012-4409 (thanks to Raphael Geissert)

Tom Callaway spot at fedoraproject.org
Fri Sep 7 15:34:45 UTC 2012 

commit 72e15fda6b241546ddf7f64d7d111195c421b6b3
Author: Tom Callaway <spot at fedoraproject.org>
Date:   Fri Sep 7 11:35:22 2012 -0400

    apply fix for CVE-2012-4409 (thanks to Raphael Geissert)

 mcrypt-CVE-2012-4409.patch |   12 ++++++++++++
 mcrypt.spec                |   10 +++++++++-
 2 files changed, 21 insertions(+), 1 deletions(-)
---
diff --git a/mcrypt-CVE-2012-4409.patch b/mcrypt-CVE-2012-4409.patch
new file mode 100644
index 0000000..747f428
--- /dev/null
+++ b/mcrypt-CVE-2012-4409.patch
@@ -0,0 +1,12 @@
+diff -up mcrypt-2.6.8/src/extra.c.CVE-2012-4409 mcrypt-2.6.8/src/extra.c
+--- mcrypt-2.6.8/src/extra.c.CVE-2012-4409	2012-09-07 11:00:55.906870746 -0400
++++ mcrypt-2.6.8/src/extra.c	2012-09-07 11:00:27.967858365 -0400
+@@ -242,6 +242,8 @@ int check_file_head(FILE * fstream, char
+ 			if (m_getbit(0, sflag) != 0) { /* if the first bit is set */
+ 				*salt_size = m_setbit(0, sflag, 0);
+ 				if (*salt_size > 0) {
++					if (*salt_size > sizeof(tmp_buf))
++						err_quit(_("Salt is too long\n"));
+ 					fread(tmp_buf, 1, *salt_size,
+ 					      fstream);
+ 					memmove(salt, tmp_buf, *salt_size);
diff --git a/mcrypt.spec b/mcrypt.spec
index 6cbe542..57561ba 100644
--- a/mcrypt.spec
+++ b/mcrypt.spec
@@ -1,6 +1,6 @@
 Name:		mcrypt
 Version:	2.6.8
-Release:	7%{?dist}
+Release:	8%{?dist}
 License:	GPLv3+
 Group:		Applications/System
 Summary:	Replacement for crypt()
@@ -22,6 +22,10 @@ Patch3:		mcrypt-2.6.7-native-by-default.patch
 # Upstream: 
 # https://sourceforge.net/tracker/index.php?func=detail&aid=3559099&group_id=87941&atid=584893
 Patch4:		mcrypt-2.6.8-manpage-typofixes.patch
+# Fix for CVE-2012-4409
+# https://bugzilla.redhat.com/show_bug.cgi?id=855029
+Patch5:		mcrypt-CVE-2012-4409.patch
+
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:	libmcrypt-devel, mhash-devel, gettext, zlib-devel
 
@@ -38,6 +42,7 @@ to encrypt files or data streams without having to be cryptographers.
 %patch2 -p1 -b .gaafix
 %patch3 -p1 -b .native_by_default
 %patch4 -p1 -b .typos
+%patch5 -p1 -b .CVE-2012-4409
 
 %build
 %configure
@@ -59,6 +64,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man1/*
 
 %changelog
+* Fri Sep  7 2012 Tom Callaway <spot at fedoraproject.org> - 2.6.8-8
+- apply fix for CVE-2012-4409 (thanks to Raphael Geissert)
+
 * Fri Aug 17 2012 Tom Callaway <spot at fedoraproject.org> - 2.6.8-7
 - fix typos in manpage

More information about the scm-commits mailing list