diff options
Diffstat (limited to 'external/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch')
-rw-r--r-- | external/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch | 36 |
1 files changed, 0 insertions, 36 deletions
diff --git a/external/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch b/external/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch deleted file mode 100644 index 5286376a..00000000 --- a/external/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch +++ /dev/null @@ -1,36 +0,0 @@ -[PATCH] fix CVE-2015-4047 - -Upstream-Status: Backport - -http://www.openwall.com/lists/oss-security/2015/05/20/1 - -racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause -a denial of service (NULL pointer dereference and IKE daemon crash) via -a series of crafted UDP requests. - -https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047 - -Signed-off-by: Roy Li <rongqing.li@windriver.com> ---- - src/racoon/gssapi.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/src/racoon/gssapi.c b/src/racoon/gssapi.c -index e64b201..1ad3b42 100644 ---- a/src/racoon/gssapi.c -+++ b/src/racoon/gssapi.c -@@ -192,6 +192,11 @@ gssapi_init(struct ph1handle *iph1) - gss_name_t princ, canon_princ; - OM_uint32 maj_stat, min_stat; - -+ if (iph1->rmconf == NULL) { -+ plog(LLV_ERROR, LOCATION, NULL, "no remote config\n"); -+ return -1; -+ } -+ - gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state)); - if (gps == NULL) { - plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n"); --- -1.9.1 - |