diff options
Diffstat (limited to 'recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch')
-rw-r--r-- | recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch | 59 |
1 files changed, 35 insertions, 24 deletions
diff --git a/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch b/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch index a956f42..988f39e 100644 --- a/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch +++ b/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch @@ -1,3 +1,8 @@ +From f21b9f7b21067fa3630607cdc1663141b2735ae5 Mon Sep 17 00:00:00 2001 +From: Armin Kuster <akuster@mvista.com> +Date: Thu, 2 Mar 2017 12:24:31 +0000 +Subject: [PATCH] Create meta-gplv2 from files from OE-Core + Upstream-Status: Backport https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d @@ -8,14 +13,36 @@ Same fix for both. Signed-off-by: Armin Kuster <akuster@mvista.com> -Index: nettle-2.7.1/ecc-256.c -=================================================================== ---- nettle-2.7.1.orig/ecc-256.c -+++ nettle-2.7.1/ecc-256.c -@@ -96,9 +96,19 @@ ecc_256_modp (const struct ecc_curve *ec +--- + ChangeLog | 6 ++++++ + ecc-256.c | 23 ++++++++++++++++++----- + 2 files changed, 24 insertions(+), 5 deletions(-) + +diff --git a/ChangeLog b/ChangeLog +index 7b7854d..abdd974 100644 +--- a/ChangeLog ++++ b/ChangeLog +@@ -1,3 +1,9 @@ ++2015-12-10 Niels Möller <nisse@lysator.liu.se> ++ ++ * ecc-256.c (ecc_256_modp): Fixed carry propagation bug. Problem ++ reported by Hanno Böck. ++ (ecc_256_modq): Fixed another carry propagation bug. ++ + 2013-05-28 Niels Möller <nisse@lysator.liu.se> + + * Released nettle-2.7.1. +diff --git a/ecc-256.c b/ecc-256.c +index 571cf73..7bee4c7 100644 +--- a/ecc-256.c ++++ b/ecc-256.c +@@ -96,9 +96,19 @@ ecc_256_modp (const struct ecc_curve *ecc, mp_limb_t *rp) q2 += t + (q1 < t); assert (q2 < 2); +- +- /* We multiply by two low limbs of p, 2^96 - 1, so we could use +- shifts rather than mul. */ + /* + n-1 n-2 n-3 n-4 + +---+---+---+---+ @@ -25,16 +52,14 @@ Index: nettle-2.7.1/ecc-256.c + +-------+---+ + |q2(2^.)| + +-------+ - -- /* We multiply by two low limbs of p, 2^96 - 1, so we could use -- shifts rather than mul. */ ++ + We multiply by two low limbs of p, 2^96 - 1, so we could use + shifts rather than mul. + */ t = mpn_submul_1 (rp + n - 4, ecc->p, 2, q1); t += cnd_sub_n (q2, rp + n - 3, ecc->p, 1); t += (-q2) & 0xffffffff; -@@ -108,7 +118,10 @@ ecc_256_modp (const struct ecc_curve *ec +@@ -108,7 +118,10 @@ ecc_256_modp (const struct ecc_curve *ecc, mp_limb_t *rp) u0 -= t; t = (u1 < cy); u1 -= cy; @@ -46,7 +71,7 @@ Index: nettle-2.7.1/ecc-256.c u1 -= (-t) & 0xffffffff; } rp[2] = u0; -@@ -195,7 +208,7 @@ ecc_256_modq (const struct ecc_curve *ec +@@ -195,7 +208,7 @@ ecc_256_modq (const struct ecc_curve *ecc, mp_limb_t *rp) /* Conditional add of p */ u1 += t; @@ -55,17 +80,3 @@ Index: nettle-2.7.1/ecc-256.c t = cnd_add_n (t, rp + n - 4, ecc->q, 2); u1 += t; -Index: nettle-2.7.1/ChangeLog -=================================================================== ---- nettle-2.7.1.orig/ChangeLog -+++ nettle-2.7.1/ChangeLog -@@ -1,3 +1,9 @@ -+2015-12-10 Niels Möller <nisse@lysator.liu.se> -+ -+ * ecc-256.c (ecc_256_modp): Fixed carry propagation bug. Problem -+ reported by Hanno Böck. -+ (ecc_256_modq): Fixed another carry propagation bug. -+ - 2013-05-28 Niels Möller <nisse@lysator.liu.se> - - * Released nettle-2.7.1. |