polarssl: patch CVE-2015-1182
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@44060 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
jow
parent
cb217e0e5c
commit
e39c45d3a8
2 changed files with 13 additions and 2 deletions
|
|
@ -1,5 +1,5 @@
|
||||||
#
|
#
|
||||||
# Copyright (C) 2011-2013 OpenWrt.org
|
# Copyright (C) 2011-2015 OpenWrt.org
|
||||||
#
|
#
|
||||||
# This is free software, licensed under the GNU General Public License v2.
|
# This is free software, licensed under the GNU General Public License v2.
|
||||||
# See /LICENSE for more information.
|
# See /LICENSE for more information.
|
||||||
|
|
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
|
||||||
|
|
||||||
PKG_NAME:=polarssl
|
PKG_NAME:=polarssl
|
||||||
PKG_VERSION:=1.3.9
|
PKG_VERSION:=1.3.9
|
||||||
PKG_RELEASE:=1
|
PKG_RELEASE:=2
|
||||||
PKG_USE_MIPS16:=0
|
PKG_USE_MIPS16:=0
|
||||||
|
|
||||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz
|
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz
|
||||||
|
|
|
||||||
11
package/libs/polarssl/patches/300-CVE-2015-1182.patch
Normal file
11
package/libs/polarssl/patches/300-CVE-2015-1182.patch
Normal file
|
|
@ -0,0 +1,11 @@
|
||||||
|
--- a/library/asn1parse.c
|
||||||
|
+++ b/library/asn1parse.c
|
||||||
|
@@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char
|
||||||
|
if( cur->next == NULL )
|
||||||
|
return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
|
||||||
|
|
||||||
|
+ memset( cur->next, 0, sizeof( asn1_sequence ) );
|
||||||
|
+
|
||||||
|
cur = cur->next;
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Add table
Add a link
Reference in a new issue