[libsrtp] fix for CVE-2013-2139

Tom Callaway spot at fedoraproject.org
Mon Dec 30 16:53:29 UTC 2013


commit f0985f9c77642b70a2a3b082957ac4fe2cb7d592
Author: Tom Callaway <spot at fedoraproject.org>
Date:   Mon Dec 30 11:53:27 2013 -0500

    fix for CVE-2013-2139

 libsrtp-1.4.4-CVE20132139.patch |   48 +++++++++++++++++++++++++++++++++++++++
 libsrtp.spec                    |    7 +++++-
 2 files changed, 54 insertions(+), 1 deletions(-)
---
diff --git a/libsrtp-1.4.4-CVE20132139.patch b/libsrtp-1.4.4-CVE20132139.patch
new file mode 100644
index 0000000..ebcc7e1
--- /dev/null
+++ b/libsrtp-1.4.4-CVE20132139.patch
@@ -0,0 +1,48 @@
+diff -up srtp/srtp/srtp.c.CVE20132139 srtp/srtp/srtp.c
+--- srtp/srtp/srtp.c.CVE20132139	2013-12-30 11:47:39.477223492 -0500
++++ srtp/srtp/srtp.c	2013-12-30 11:49:44.580162545 -0500
+@@ -2045,22 +2045,21 @@ crypto_policy_set_from_profile_for_rtp(c
+   switch(profile) {
+   case srtp_profile_aes128_cm_sha1_80:
+     crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+-    crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+     break;
+   case srtp_profile_aes128_cm_sha1_32:
+-    crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
++    /* We do not honor the 32-bit auth tag request since
++     * this is not compliant with RFC 3711 */
+     crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+     break;
+   case srtp_profile_null_sha1_80:
+     crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+-    crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+     break;
+   case srtp_profile_aes256_cm_sha1_80:
+     crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+-    crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+     break;
+   case srtp_profile_aes256_cm_sha1_32:
+-    crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
++    /* We do not honor the 32-bit auth tag request since
++     * this is not compliant with RFC 3711 */
+     crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+     break;
+     /* the following profiles are not (yet) supported */
+@@ -2082,7 +2081,7 @@ crypto_policy_set_from_profile_for_rtcp(
+     crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
+     break;
+   case srtp_profile_aes128_cm_sha1_32:
+-    crypto_policy_set_aes_cm_128_hmac_sha1_80(policy);
++    crypto_policy_set_aes_cm_128_hmac_sha1_32(policy);
+     break;
+   case srtp_profile_null_sha1_80:
+     crypto_policy_set_null_cipher_hmac_sha1_80(policy);
+@@ -2091,7 +2090,7 @@ crypto_policy_set_from_profile_for_rtcp(
+     crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
+     break;
+   case srtp_profile_aes256_cm_sha1_32:
+-    crypto_policy_set_aes_cm_256_hmac_sha1_80(policy);
++    crypto_policy_set_aes_cm_256_hmac_sha1_32(policy);
+     break;
+     /* the following profiles are not (yet) supported */
+   case srtp_profile_null_sha1_32:
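Review bot: The RFC 3711 justification in the comment added at the `srtp_profile_aes128_cm_sha1_32` and `srtp_profile_aes256_cm_sha1_32` cases of `crypto_policy_set_from_profile_for_rtp` looks attached to the wrong function: the 32-bit tag restriction in RFC 3711 (and the RFC 4568 profile definitions, where `_SHA1_32` means a 32-bit SRTP tag with an 80-bit SRTCP tag) applies to SRTCP, yet this hunk forces the RTP policy to `crypto_policy_set_aes_cm_*_hmac_sha1_80(policy)` while the second and third hunks switch `crypto_policy_set_from_profile_for_rtcp` from the 80-bit to the 32-bit setters. As far as I can tell the intended change is the mirror image — the `sha1_80` calls plus the comment belong in the `_rtcp` function and the `sha1_32` calls in the `_rtp` function — so this patch file should be diffed against the upstream pull request named in the changelog before it is built. As carried here, it would also change the SRTCP tag length for any peer that negotiated a `_32` profile, which may break SRTCP authentication against compliant implementations. Both enclosing functions start and end outside the quoted context; the removal of the duplicated `*_hmac_sha1_80(policy)` calls in the first hunk is harmless.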
diff --git a/libsrtp.spec b/libsrtp.spec
index e6a3311..a84c4c9 100644
--- a/libsrtp.spec
+++ b/libsrtp.spec
@@ -3,7 +3,7 @@
 
 Name:		lib%{shortname}
 Version:	1.4.4
-Release:	8.%{cvsver}%{?dist}
+Release:	9.%{cvsver}%{?dist}
 Summary:	An implementation of the Secure Real-time Transport Protocol (SRTP)
 Group:		System Environment/Libraries
 License:	BSD
@@ -20,6 +20,7 @@ Source2:	config.h
 # Seriously. Who doesn't do shared libs these days?
 # And how does Chromium always manage to find these projects and use them?
 Patch0:		libsrtp-1.4.4-shared.patch
+Patch1:		libsrtp-1.4.4-CVE20132139.patch
 
 %description
 This package provides an implementation of the Secure Real-time
@@ -39,6 +40,7 @@ developing applications that use %{name}.
 %prep
 %setup -q -n %{shortname}
 %patch0 -p1 -b .shared
+%patch1 -p1 -b .CVE20132139
 
 # Fix end-of-line encoding
 sed -i 's/\r//g' doc/draft-irtf-cfrg-icm-00.txt
@@ -89,6 +91,9 @@ cp -a %{SOURCE2} %{buildroot}%{_includedir}/%{shortname}/config.h
 %{_libdir}/*.so
 
 %changelog
+* Mon Dec 30 2013 Tom Callaway <spot at fedoraproject.org> - 1.4.4-9.20101004cvs
+- apply fix for CVE-2013-2139 from https://github.com/cisco/libsrtp/pull/27
+
 * Sat Aug 03 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.4-8.20101004cvs
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
 

