[bouncycastle] 02/06: Drop CVE-2017-13098.patch. Fixed upstream.

Markus Koschany apo at moszumanska.debian.org
Tue Jan 16 20:58:21 UTC 2018


This is an automated email from the git hooks/post-receive script.

apo pushed a commit to branch master
in repository bouncycastle.

commit 92e4b9c3251a5600c7567250c04636d8ab8496d8
Author: Markus Koschany <apo at debian.org>
Date:   Tue Jan 16 21:46:37 2018 +0100

    Drop CVE-2017-13098.patch. Fixed upstream.
---
 debian/patches/CVE-2017-13098.patch | 26 --------------------------
 debian/patches/series               |  1 -
 2 files changed, 27 deletions(-)

diff --git a/debian/patches/CVE-2017-13098.patch b/debian/patches/CVE-2017-13098.patch
deleted file mode 100644
index 2ec65b0..0000000
--- a/debian/patches/CVE-2017-13098.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From a00b684465b38d722ca9a3543b8af8568e6bad5c Mon Sep 17 00:00:00 2001
-From: Peter Dettman <peter.dettman at bouncycastle.org>
-Date: Tue, 12 Dec 2017 08:41:43 +0700
-Subject: [PATCH] Confirm size of decrypted PMS before using
-
----
- .../tls/crypto/impl/jcajce/JceDefaultTlsCredentialedDecryptor.java  | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceDefaultTlsCredentialedDecryptor.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceDefaultTlsCredentialedDecryptor.java
-index c4ab53206..cea1df8b9 100644
---- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceDefaultTlsCredentialedDecryptor.java
-+++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceDefaultTlsCredentialedDecryptor.java
-@@ -97,7 +97,11 @@ protected TlsSecret safeDecryptPreMasterSecret(TlsCryptoParameters cryptoParams,
-         {
-             Cipher c = crypto.createRSAEncryptionCipher();
-             c.init(Cipher.DECRYPT_MODE, rsaServerPrivateKey);
--            M = c.doFinal(encryptedPreMasterSecret);
-+            byte[] m = c.doFinal(encryptedPreMasterSecret);
-+            if (m != null && m.length == 48)
-+            {
-+                M = m;
-+            }
-         }
-         catch (Exception e)
-         {
diff --git a/debian/patches/series b/debian/patches/series
index a4c71d2..9a5b0b8 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,4 +1,3 @@
 02_index.patch
 fix-encoding.patch
 backward-compatibility.patch
-CVE-2017-13098.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/bouncycastle.git



More information about the pkg-java-commits mailing list