diff --git a/gnu/local.mk b/gnu/local.mk index 621a1c1806..3d7ae598e1 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -742,7 +742,6 @@ dist_patch_DATA = \ %D%/packages/patches/libsndfile-CVE-2017-8362.patch \ %D%/packages/patches/libssh2-fix-build-failure-with-gcrypt.patch \ %D%/packages/patches/libtar-CVE-2013-4420.patch \ - %D%/packages/patches/libtasn1-CVE-2017-6891.patch \ %D%/packages/patches/libtheora-config-guess.patch \ %D%/packages/patches/libtiff-CVE-2016-10092.patch \ %D%/packages/patches/libtiff-CVE-2016-10093.patch \ diff --git a/gnu/packages/patches/libtasn1-CVE-2017-6891.patch b/gnu/packages/patches/libtasn1-CVE-2017-6891.patch deleted file mode 100644 index 1f847ed025..0000000000 --- a/gnu/packages/patches/libtasn1-CVE-2017-6891.patch +++ /dev/null @@ -1,51 +0,0 @@ -Fix CVE-2017-6891: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6891 - -Patch copied from upstream source repository: - -https://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=5520704d075802df25ce4ffccc010ba1641bd484 - -From 5520704d075802df25ce4ffccc010ba1641bd484 Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos -Date: Thu, 18 May 2017 18:03:34 +0200 -Subject: [PATCH] asn1_find_node: added safety check on asn1_find_node() - -This prevents a stack overflow in asn1_find_node() which -is triggered by too long variable names in the definitions -files. That means that applications have to deliberately -pass a too long 'name' constant to asn1_write_value() -and friends. Reported by Jakub Jirasek. - -Signed-off-by: Nikos Mavrogiannopoulos ---- - lib/parser_aux.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/lib/parser_aux.c b/lib/parser_aux.c -index b4a7370..976ab38 100644 ---- a/lib/parser_aux.c -+++ b/lib/parser_aux.c -@@ -120,6 +120,9 @@ asn1_find_node (asn1_node pointer, const char *name) - if (n_end) - { - nsize = n_end - n_start; -+ if (nsize >= sizeof(n)) -+ return NULL; -+ - memcpy (n, n_start, nsize); - n[nsize] = 0; - n_start = n_end; -@@ -158,6 +161,9 @@ asn1_find_node (asn1_node pointer, const char *name) - if (n_end) - { - nsize = n_end - n_start; -+ if (nsize >= sizeof(n)) -+ return NULL; -+ - memcpy (n, n_start, nsize); - n[nsize] = 0; - n_start = n_end; --- -2.13.0 - diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 39cfd10f57..6a0b0637a2 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -58,7 +58,6 @@ (method url-fetch) (uri (string-append "mirror://gnu/libtasn1/libtasn1-" version ".tar.gz")) - (patches (search-patches "libtasn1-CVE-2017-6891.patch")) (sha256 (base32 "0h929bdq6w699y1mdkdajp5a6da8whgg3ba5p4j8x1wy36rlcjll"))))