polarssl: security patch for CVE 2015-1182.

2015-01-20 14:37:23 +01:00 · 2015-01-20 14:37:23 +01:00 · 4d9d8381b1
parent 0ac12b16c8
commit 4d9d8381b1
2 changed files with 12 additions and 1 deletions
--- a/srcpkgs/polarssl/patches/CVE-2015-1182.patch
+++ b/srcpkgs/polarssl/patches/CVE-2015-1182.patch
@ -0,0 +1,11 @@
+--- library/asn1parse.c
+++ library/asn1parse.c
+@@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char **p,
+             if( cur->next == NULL )
+                 return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
+
+            memset( cur->next, 0, sizeof( asn1_sequence ) );
+
+             cur = cur->next;
+         }
+     }
--- a/srcpkgs/polarssl/template
+++ b/srcpkgs/polarssl/template
@ -1,7 +1,7 @@
 # Template file for 'polarssl'
 pkgname=polarssl
 version=1.3.9
-revision=3
+revision=4
 build_style=cmake
 configure_args="-DENABLE_ZLIB_SUPPORT=on -DUSE_SHARED_POLARSSL_LIBRARY=on"
 hostmakedepends="cmake perl"