[bouncycastle] 02/06: Drop CVE-2017-13098.patch. Fixed upstream.
Markus Koschany
apo at moszumanska.debian.org
Tue Jan 16 20:58:21 UTC 2018
This is an automated email from the git hooks/post-receive script.
apo pushed a commit to branch master
in repository bouncycastle.
commit 92e4b9c3251a5600c7567250c04636d8ab8496d8
Author: Markus Koschany <apo at debian.org>
Date: Tue Jan 16 21:46:37 2018 +0100
Drop CVE-2017-13098.patch. Fixed upstream.
---
debian/patches/CVE-2017-13098.patch | 26 --------------------------
debian/patches/series | 1 -
2 files changed, 27 deletions(-)
diff --git a/debian/patches/CVE-2017-13098.patch b/debian/patches/CVE-2017-13098.patch
deleted file mode 100644
index 2ec65b0..0000000
--- a/debian/patches/CVE-2017-13098.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From a00b684465b38d722ca9a3543b8af8568e6bad5c Mon Sep 17 00:00:00 2001
-From: Peter Dettman <peter.dettman at bouncycastle.org>
-Date: Tue, 12 Dec 2017 08:41:43 +0700
-Subject: [PATCH] Confirm size of decrypted PMS before using
-
----
- .../tls/crypto/impl/jcajce/JceDefaultTlsCredentialedDecryptor.java | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceDefaultTlsCredentialedDecryptor.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceDefaultTlsCredentialedDecryptor.java
-index c4ab53206..cea1df8b9 100644
---- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceDefaultTlsCredentialedDecryptor.java
-+++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceDefaultTlsCredentialedDecryptor.java
-@@ -97,7 +97,11 @@ protected TlsSecret safeDecryptPreMasterSecret(TlsCryptoParameters cryptoParams,
- {
- Cipher c = crypto.createRSAEncryptionCipher();
- c.init(Cipher.DECRYPT_MODE, rsaServerPrivateKey);
-- M = c.doFinal(encryptedPreMasterSecret);
-+ byte[] m = c.doFinal(encryptedPreMasterSecret);
-+ if (m != null && m.length == 48)
-+ {
-+ M = m;
-+ }
- }
- catch (Exception e)
- {
diff --git a/debian/patches/series b/debian/patches/series
index a4c71d2..9a5b0b8 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,4 +1,3 @@
02_index.patch
fix-encoding.patch
backward-compatibility.patch
-CVE-2017-13098.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/bouncycastle.git
More information about the pkg-java-commits
mailing list