- add patch to fix #485298 / CVE-2009-0544

f38
Thorsten Leemhuis 16 years ago
parent 0fcc524c6b
commit 34bd83b593

@ -0,0 +1,24 @@
diff -Naur pycrypto-2.0.1.org/src/ARC2.c pycrypto-2.0.1/src/ARC2.c
--- pycrypto-2.0.1.org/src/ARC2.c 2009-02-13 17:08:30.000000000 +0100
+++ pycrypto-2.0.1/src/ARC2.c 2009-02-13 17:08:47.000000000 +0100
@@ -11,6 +11,7 @@
*/
#include <string.h>
+#include "Python.h"
#define MODULE_NAME ARC2
#define BLOCK_SIZE 8
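Review bot: `#include "Python.h"` is added after `#include <string.h>`, but the CPython documentation asks for `Python.h` to be included before any standard headers, because it may set preprocessor definitions that affect them. Suggest moving the new include above `<string.h>`.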
@@ -146,6 +147,12 @@
We'll hardwire it to 1024. */
#define bits 1024
+ if ((U32)keylength > sizeof(self->xkey)) {
+ PyErr_SetString(PyExc_ValueError,
+ "ARC2 key length must be less than 128 bytes");
+ return;
+ }
+
memcpy(self->xkey, key, keylength);
/* Phase 1: Expand input key to 128 bytes */
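Review bot: the new check before the `memcpy` rejects only `keylength > sizeof(self->xkey)`, so a key of exactly `sizeof(self->xkey)` bytes is still accepted, while the error text says the length "must be less than 128 bytes". The copy is safe at that length, so the wording is what needs to change: something like "must not exceed 128 bytes", assuming the buffer is the 128 bytes that the message and the "Expand input key to 128 bytes" comment imply. The bare `return;` leaves a Python exception pending without signalling it through a return value, so the call site, which is not in this hunk, has to test for it; worth confirming before merging. A one-line comment that the `(U32)` cast also makes a negative `keylength` fail the check would help the next reader.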

@ -10,7 +10,13 @@ Group: Development/Libraries
# FIXME: In the near future, new releases will be at http://www.dlitz.net/software/pycrypto/ # FIXME: In the near future, new releases will be at http://www.dlitz.net/software/pycrypto/
URL: http://www.amk.ca/python/code/crypto.html URL: http://www.amk.ca/python/code/crypto.html
Source: http://www.amk.ca/files/python/crypto/pycrypto-2.0.1.tar.gz Source: http://www.amk.ca/files/python/crypto/pycrypto-2.0.1.tar.gz
Patch0: pycrypto-2.0.1-hashlib.patch # patch taken from
# http://gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git;a=commitdiff;h=d1c4875e1f220652fe7ff8358f56dee3b2aba31b
Patch0: %{name}-fix_buffer_overflow.patch
# similar patches upstream already
# http://gitweb.pycrypto.org/?p=crypto/pycrypto-2.x.git;a=commitdiff;h=d2311689910240e425741a546576129f4c9735e2
# http://gitweb.pycrypto.org/?p=crypto/pycrypto-2.x.git;a=commitdiff;h=84b793416b52311643bfd456a4544444afbfb5da
Patch1: pycrypto-2.0.1-hashlib.patch
Provides: pycrypto = %{version}-%{release} Provides: pycrypto = %{version}-%{release}
BuildRequires: python >= 2.2 BuildRequires: python >= 2.2
@ -27,8 +33,8 @@ etc.).
%prep %prep
%setup -n pycrypto-%{version} -q %setup -n pycrypto-%{version} -q
sed -i s:/lib:/%_lib:g setup.py sed -i s:/lib:/%_lib:g setup.py
%patch0 -b .patch0 -p1
%patch0 -b .hashlib %patch1 -b .hashlib
%build %build
CFLAGS="$RPM_OPT_FLAGS" %{__python} setup.py build CFLAGS="$RPM_OPT_FLAGS" %{__python} setup.py build
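Review bot: in `%prep` the new patch is applied with `-b .patch0`, a backup suffix that says nothing about what the patch does, whereas the existing patch uses `.hashlib`. Suggest a descriptive suffix that matches the patch file name, for example `.fix_buffer_overflow`. The new `%patch0` line also passes `-p1` while the `%patch1` line passes no strip level; a short comment on why the two differ would save the next packager a lookup.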
@ -66,6 +72,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog %changelog
* Fri Feb 13 2009 Thorsten Leemhuis <fedora[AT]leemhuis[DOT]info> - 2.0.1-16
- add patch to fix #485298 / CVE-2009-0544
* Sat Feb 7 2009 Stewart Adam <s.adam at diffingo.com> - 2.0.1-15.1 * Sat Feb 7 2009 Stewart Adam <s.adam at diffingo.com> - 2.0.1-15.1
- Oops, actually apply the patch - Oops, actually apply the patch
- Modify patch so modules remain compatible with PEP 247 - Modify patch so modules remain compatible with PEP 247
