From fc8719a8feeb301555937b80f1facf62a91568e1 Mon Sep 17 00:00:00 2001
From: Antonio Radici
Date: Thu, 5 May 2011 10:54:10 +0000
Subject: [PATCH] 619216-gnutls-CN-validation.patch: fix the validation of the commonname in the gnutls code (Closes: 619216)
---
debian/changelog | 2 ++
debian/patches/series | 1 +
.../619216-gnutls-CN-validation.patch | 36 +++++++++++++++++++
3 files changed, 39 insertions(+)
create mode 100644 debian/patches/upstream/619216-gnutls-CN-validation.patch
diff --git a/debian/changelog b/debian/changelog
index 5101385..8642a54 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -25,6 +25,8 @@ mutt (1.5.21-5) unstable; urgency=low + 584138-mx_update_context-segfault.patch: fix a segfault due to holes in IMAP headers, 537694-segv-imap-headers.patch is removed as part of this fix (Closes: 584138)
+ + 619216-gnutls-CN-validation.patch: fix the validation of the
+ commonname in the gnutls code (Closes: 619216)
* debian/patches/compressed-folders: remove partially uncompressed folder if the open fails (Closes: 578098) * debian/extra/samples/sidebar.muttrc: documented the options that
diff --git a/debian/patches/series b/debian/patches/series
index 2e55043..08a2104 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -50,6 +50,7 @@ upstream/611412-bts-regexp.patch
upstream/624058-gnutls-deprecated-set-priority.patch
upstream/624085-gnutls-deprecated-verify-peers.patch
upstream/584138-mx_update_context-segfault.patch
+upstream/619216-gnutls-CN-validation.patch
upstream/path_max
mutt.org
diff --git a/debian/patches/upstream/619216-gnutls-CN-validation.patch b/debian/patches/upstream/619216-gnutls-CN-validation.patch
new file mode 100644
index 0000000..517e543
--- /dev/null
+++ b/debian/patches/upstream/619216-gnutls-CN-validation.patch
@@ -0,0 +1,36 @@
+This patch addresses a security problem due to the fact that the validation of
+the SSL CN is not correctly done in the gnutls-related code of mutt.
+
+The patch has been provided by hhorak on http://bugs.mutt.org/3506, the original
+bug where the security problem was reported for Debian is
+http://bugs.debian.org/619216
+
+--- a/mutt_ssl_gnutls.c
++++ b/mutt_ssl_gnutls.c
+@@ -999,6 +999,7 @@
+ unsigned int cert_list_size = 0;
+ gnutls_certificate_status certstat;
+ int certerr, i, preauthrc, savedcert, rc = 0;
++ int rcpeer;
+
+ if (gnutls_auth_get_type (state) != GNUTLS_CRD_CERTIFICATE)
+ {
+@@ -1024,6 +1025,9 @@
+ for (i = 0; i < cert_list_size; i++) {
+ rc = tls_check_preauth(&cert_list[i], certstat, conn->account.host, i,
+ &certerr, &savedcert);
++ if (i ==0)
++ rcpeeer = rc;
++
+ preauthrc += rc;
+
+ if (savedcert)
+@@ -1049,7 +1053,7 @@
+ dprint (1, (debugfile, "error trusting certificate %d: %d\n", i, rc));
+
+ certstat = tls_verify_peers (state);
+- if (!certstat)
++ if (!certstat && !rcpeer)
+ return 1;
+ }
+ }
-- 2.43.0
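Review bot: The embedded mutt_ssl_gnutls.c change declares `int rcpeer;` but the first loop stores the peer certificate's pre-auth result in `rcpeeer` (three e's), so unless a variable of that name exists outside the hunks the file should not compile, and in any case `rcpeer` is never assigned before `if (!certstat && !rcpeer)` reads it. The assignment should read `rcpeer = rc;`, and the declaration is safer as `int rcpeer = -1;` so that an unassigned value can never satisfy `!rcpeer` and let the early `return 1` through. A short comment on the declaration, for example `/* result of tls_check_preauth() on the peer's own certificate (i == 0) */`, would explain why the host-name result is kept apart from `preauthrc`. The enclosing function starts and ends outside the three embedded hunks, so the reading that `return 1` accepts the connection is inferred from the patch description rather than visible here.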