From debbugs-submit-bounces@debbugs.gnu.org Thu Jun 14 16:43:46 2018
Received: (at submit) by debbugs.gnu.org; 14 Jun 2018 20:43:46 +0000
Received: from localhost ([127.0.0.1]:48542 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1fTZ5p-0003US-PP
	for submit@debbugs.gnu.org; Thu, 14 Jun 2018 16:43:46 -0400
Received: from eggs.gnu.org ([208.118.235.92]:42430)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@famulari.name>) id 1fTZ5l-0003UB-3y
 for submit@debbugs.gnu.org; Thu, 14 Jun 2018 16:43:39 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <leo@famulari.name>) id 1fTZ5e-00018f-1e
 for submit@debbugs.gnu.org; Thu, 14 Jun 2018 16:43:31 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,T_DKIM_INVALID
 autolearn=disabled version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:34976)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <leo@famulari.name>) id 1fTZ5d-00018O-TM
 for submit@debbugs.gnu.org; Thu, 14 Jun 2018 16:43:29 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:33354)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <leo@famulari.name>) id 1fTZ5b-00060N-Os
 for guix-patches@gnu.org; Thu, 14 Jun 2018 16:43:29 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <leo@famulari.name>) id 1fTZ5X-00013I-GP
 for guix-patches@gnu.org; Thu, 14 Jun 2018 16:43:27 -0400
Received: from out2-smtp.messagingengine.com ([66.111.4.26]:57271)
 by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <leo@famulari.name>) id 1fTZ5X-00012g-7e
 for guix-patches@gnu.org; Thu, 14 Jun 2018 16:43:23 -0400
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
 by mailout.nyi.internal (Postfix) with ESMTP id C403021AAA;
 Thu, 14 Jun 2018 16:43:22 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
 by compute4.internal (MEProxy); Thu, 14 Jun 2018 16:43:22 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=date:from:in-reply-to:in-reply-to:message-id:references
 :references:subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=
 mesmtp; bh=xGwkmjuEzS3ay+eqDdUHY4cFV4qYszwcERqpFKNQvBk=; b=z3s2s
 uXAgKcdPg0Ju4evuSy8AMK3lWx3aQXsK7+zGJMV/5PDy7ADOs07OefTPtEmWZDrb
 up1ere5r95wrcv5/1nOjOgeoML1/YAbLQxFAy8CI+Hqy6ugGqkiUgYevelr1ZVo1
 7WHL/Udr1d22PeB1LvBp1lRkbXJrbj/N71SPnQ=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=date:from:in-reply-to:in-reply-to
 :message-id:references:references:subject:to:x-me-sender
 :x-me-sender:x-sasl-enc; s=fm3; bh=xGwkmjuEzS3ay+eqDdUHY4cFV4qYs
 zwcERqpFKNQvBk=; b=mPxh86eMozu74km8dX2uHTAREpglmDgKMlbh08hi6QIwM
 ocu0u3MEkigqzmsS1UmkLoBSqh5sFNA8QnlGAA8Cg6ZP4Z1hL1DFKJSJ5CO+qLDH
 otPGT82k8zbPHMRnrT3jYambwcylAySagLlS/LclMQHVkICkKLUodKHTkzHx4qUY
 /sJHonLV5zmHRjSPyI71kaU8GpFfjNTNU+nBGAqF6ILdIp5G13XPX13P6RgzIcnZ
 Qpk6PD/n/Fbl7t6yQnxokJniCuuhJaVXgS6WezhFqspmmb4ORgMSg7voEJukD8JB
 HjJsmjD7YDR8zsNBgIiTlM5iaBXdcaKkHv3mXuNvA==
X-ME-Proxy: <xmx:atMiW_dQc_5PSeiWWywTBWlVbxCe18nFAXPVJ1sKi3zxRtSXmHitKQ>
 <xmx:atMiW0NMiHp4GSXocnUSomJ6KRYVp0EpP81GdzLPRAmnNkipE6Rwxg>
 <xmx:atMiW0zLvXzNoZ-b_ViSW3kGYd2Mwg3Q-miSQBf2GpnhVxPYip3oOg>
 <xmx:atMiW-8NQZZHPg0y8rzv0ictZEouilmbJ6hBxGAz22G-1CQDOc3woA>
 <xmx:atMiW3q0ETNOVlg-SXmhWo7AvSlNR-cN-FNrkt4YTYOZ7eU6aFFRNg>
 <xmx:atMiW5EuWSfEaMpUF0FMnDzXM_Y9kkXkhoGprGE9QQBiQhXQ-Ti-7g>
X-ME-Sender: <xms:atMiW7Z_XW0E-wScscO3a6YwWGHc-W2_3eHVYnyDiNom32Av41pdzg>
Received: from jasmine.lan (c-76-124-202-137.hsd1.pa.comcast.net
 [76.124.202.137])
 by mail.messagingengine.com (Postfix) with ESMTPA id 6C95EE465F
 for <guix-patches@gnu.org>; Thu, 14 Jun 2018 16:43:22 -0400 (EDT)
From: Leo Famulari <leo@famulari.name>
To: guix-patches@gnu.org
Subject: [PATCH 2/2] gnu: OpenSSL 1.1.0: Fix CVE-2018-{0495,0732}.
Date: Thu, 14 Jun 2018 16:43:15 -0400
Message-Id: <b6484c2fe116b4bb28b4b34723ad8a07f5f5e50b.1529008990.git.leo@famulari.name>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <b96dab52f39333a9f620d84ac096c367d09294e1.1529008990.git.leo@famulari.name>
References: <b96dab52f39333a9f620d84ac096c367d09294e1.1529008990.git.leo@famulari.name>
In-Reply-To: <b96dab52f39333a9f620d84ac096c367d09294e1.1529008990.git.leo@famulari.name>
References: <b96dab52f39333a9f620d84ac096c367d09294e1.1529008990.git.leo@famulari.name>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
 [fuzzy]
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -4.1 (----)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.1 (-----)

* gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch,
gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/tls.scm (openssl-next)[source]: Use them.
---
 gnu/local.mk                                  |   2 +
 .../patches/openssl-1.1.0-CVE-2018-0495.patch | 167 ++++++++++++++++++
 .../patches/openssl-1.1.0-CVE-2018-0732.patch |  50 ++++++
 gnu/packages/tls.scm                          |   4 +-
 4 files changed, 222 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch
 create mode 100644 gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index e9d572922..27fb18a05 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -975,6 +975,8 @@ dist_patch_DATA =						\
   %D%/packages/patches/openssl-runpath.patch			\
   %D%/packages/patches/openssl-1.0.2-CVE-2018-0495.patch	\
   %D%/packages/patches/openssl-1.0.2-CVE-2018-0732.patch	\
+  %D%/packages/patches/openssl-1.1.0-CVE-2018-0495.patch	\
+  %D%/packages/patches/openssl-1.1.0-CVE-2018-0732.patch	\
   %D%/packages/patches/openssl-1.1.0-c-rehash-in.patch		\
   %D%/packages/patches/openssl-c-rehash-in.patch		\
   %D%/packages/patches/orpheus-cast-errors-and-includes.patch	\
diff --git a/gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch b/gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch
new file mode 100644
index 000000000..6b7de5d64
--- /dev/null
+++ b/gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch
@@ -0,0 +1,167 @@
+Fix CVE-2018-0495:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495
+https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
+
+Patch copied from upstream source repository:
+
+https://github.com/openssl/openssl/commit/0c27d793745c7837b13646302b6890a556b7017a
+
+From 0c27d793745c7837b13646302b6890a556b7017a Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Fri, 25 May 2018 12:10:13 +0100
+Subject: [PATCH] Add blinding to an ECDSA signature
+
+Keegan Ryan (NCC Group) has demonstrated a side channel attack on an
+ECDSA signature operation. During signing the signer calculates:
+
+s:= k^-1 * (m + r * priv_key) mod order
+
+The addition operation above provides a sufficient signal for a
+flush+reload attack to derive the private key given sufficient signature
+operations.
+
+As a mitigation (based on a suggestion from Keegan) we add blinding to
+the operation so that:
+
+s := k^-1 * blind^-1 (blind * m + blind * r * priv_key) mod order
+
+Since this attack is a localhost side channel only no CVE is assigned.
+
+Reviewed-by: Rich Salz <rsalz@openssl.org>
+---
+ CHANGES                |  4 +++
+ crypto/ec/ecdsa_ossl.c | 70 +++++++++++++++++++++++++++++++++++++-----
+ 2 files changed, 67 insertions(+), 7 deletions(-)
+
+diff --git a/CHANGES b/CHANGES
+index bfd0bcd402..b749d9ed96 100644
+--- a/CHANGES
++++ b/CHANGES
+@@ -9,6 +9,10 @@
+ 
+  Changes between 1.1.0h and 1.1.0i [xx XXX xxxx]
+ 
++  *) Add blinding to an ECDSA signature to protect against side channel attacks
++     discovered by Keegan Ryan (NCC Group).
++     [Matt Caswell]
++
+   *) When unlocking a pass phrase protected PEM file or PKCS#8 container, we
+      now allow empty (zero character) pass phrases.
+      [Richard Levitte]
+diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c
+index 72e2f0f28b..449be0e92a 100644
+--- a/crypto/ec/ecdsa_ossl.c
++++ b/crypto/ec/ecdsa_ossl.c
+@@ -210,7 +210,8 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
+                                EC_KEY *eckey)
+ {
+     int ok = 0, i;
+-    BIGNUM *kinv = NULL, *s, *m = NULL, *tmp = NULL;
++    BIGNUM *kinv = NULL, *s, *m = NULL, *tmp = NULL, *blind = NULL;
++    BIGNUM *blindm = NULL;
+     const BIGNUM *order, *ckinv;
+     BN_CTX *ctx = NULL;
+     const EC_GROUP *group;
+@@ -243,8 +244,18 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
+     }
+     s = ret->s;
+ 
+-    if ((ctx = BN_CTX_new()) == NULL ||
+-        (tmp = BN_new()) == NULL || (m = BN_new()) == NULL) {
++    ctx = BN_CTX_secure_new();
++    if (ctx == NULL) {
++        ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE);
++        goto err;
++    }
++
++    BN_CTX_start(ctx);
++    tmp = BN_CTX_get(ctx);
++    m = BN_CTX_get(ctx);
++    blind = BN_CTX_get(ctx);
++    blindm = BN_CTX_get(ctx);
++    if (blindm == NULL) {
+         ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE);
+         goto err;
+     }
+@@ -284,18 +295,64 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
+             }
+         }
+ 
+-        if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) {
++        /*
++         * The normal signature calculation is:
++         *
++         *   s := k^-1 * (m + r * priv_key) mod order
++         *
++         * We will blind this to protect against side channel attacks
++         *
++         *   s := k^-1 * blind^-1 * (blind * m + blind * r * priv_key) mod order
++         */
++
++        /* Generate a blinding value */
++        do {
++            if (!BN_rand(blind, BN_num_bits(order) - 1, BN_RAND_TOP_ANY,
++                         BN_RAND_BOTTOM_ANY))
++                goto err;
++        } while (BN_is_zero(blind));
++        BN_set_flags(blind, BN_FLG_CONSTTIME);
++        BN_set_flags(blindm, BN_FLG_CONSTTIME);
++        BN_set_flags(tmp, BN_FLG_CONSTTIME);
++
++        /* tmp := blind * priv_key * r mod order */
++        if (!BN_mod_mul(tmp, blind, priv_key, order, ctx)) {
+             ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
+             goto err;
+         }
+-        if (!BN_mod_add_quick(s, tmp, m, order)) {
++        if (!BN_mod_mul(tmp, tmp, ret->r, order, ctx)) {
+             ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
+             goto err;
+         }
++
++        /* blindm := blind * m mod order */
++        if (!BN_mod_mul(blindm, blind, m, order, ctx)) {
++            ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
++            goto err;
++        }
++
++        /* s : = (blind * priv_key * r) + (blind * m) mod order */
++        if (!BN_mod_add_quick(s, tmp, blindm, order)) {
++            ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
++            goto err;
++        }
++
++        /* s:= s * blind^-1 mod order */
++        if (BN_mod_inverse(blind, blind, order, ctx) == NULL) {
++            ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
++            goto err;
++        }
++        if (!BN_mod_mul(s, s, blind, order, ctx)) {
++            ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
++            goto err;
++        }
++
++        /* s := s * k^-1 mod order */
+         if (!BN_mod_mul(s, s, ckinv, order, ctx)) {
+             ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
+             goto err;
+         }
++
+         if (BN_is_zero(s)) {
+             /*
+              * if kinv and r have been supplied by the caller don't to
+@@ -317,9 +374,8 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
+         ECDSA_SIG_free(ret);
+         ret = NULL;
+     }
++    BN_CTX_end(ctx);
+     BN_CTX_free(ctx);
+-    BN_clear_free(m);
+-    BN_clear_free(tmp);
+     BN_clear_free(kinv);
+     return ret;
+ }
+-- 
+2.17.1
+
diff --git a/gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch b/gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch
new file mode 100644
index 000000000..dfea6e7d0
--- /dev/null
+++ b/gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch
@@ -0,0 +1,50 @@
+Fix CVE-2018-0732:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732
+
+Patch copied from upstream source repository:
+
+https://github.com/openssl/openssl/commit/ea7abeeabf92b7aca160bdd0208636d4da69f4f4
+
+From ea7abeeabf92b7aca160bdd0208636d4da69f4f4 Mon Sep 17 00:00:00 2001
+From: Guido Vranken <guidovranken@gmail.com>
+Date: Mon, 11 Jun 2018 19:38:54 +0200
+Subject: [PATCH] Reject excessively large primes in DH key generation.
+
+CVE-2018-0732
+
+Signed-off-by: Guido Vranken <guidovranken@gmail.com>
+
+(cherry picked from commit 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe)
+
+Reviewed-by: Tim Hudson <tjh@openssl.org>
+Reviewed-by: Matt Caswell <matt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/6457)
+---
+ crypto/dh/dh_key.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
+index fce9ff47f3..58003d7087 100644
+--- a/crypto/dh/dh_key.c
++++ b/crypto/dh/dh_key.c
+@@ -78,10 +78,15 @@ static int generate_key(DH *dh)
+     int ok = 0;
+     int generate_new_key = 0;
+     unsigned l;
+-    BN_CTX *ctx;
++    BN_CTX *ctx = NULL;
+     BN_MONT_CTX *mont = NULL;
+     BIGNUM *pub_key = NULL, *priv_key = NULL;
+ 
++    if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
++        DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE);
++        return 0;
++    }
++
+     ctx = BN_CTX_new();
+     if (ctx == NULL)
+         goto err;
+-- 
+2.17.1
+
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index a582fb152..3912d9e2f 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -415,7 +415,9 @@ required structures.")
                         (string-append "ftp://ftp.openssl.org/source/old/"
                                        (string-trim-right version char-set:letter)
                                        "/" name "-" version ".tar.gz")))
-              (patches (search-patches "openssl-1.1.0-c-rehash-in.patch"))
+              (patches (search-patches "openssl-1.1.0-c-rehash-in.patch"
+                                       "openssl-1.1.0-CVE-2018-0495.patch"
+                                       "openssl-1.1.0-CVE-2018-0732.patch"))
               (sha256
                (base32
                 "05x509lccqjscgyi935z809pwfm708islypwhmjnb6cyvrn64daq"))))
-- 
2.17.1





From debbugs-submit-bounces@debbugs.gnu.org Thu Jun 14 16:56:22 2018
Received: (at 31833) by debbugs.gnu.org; 14 Jun 2018 20:56:22 +0000
Received: from localhost ([127.0.0.1]:48587 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1fTZI0-0003qD-Eo
	for submit@debbugs.gnu.org; Thu, 14 Jun 2018 16:56:22 -0400
Received: from out2-smtp.messagingengine.com ([66.111.4.26]:44405)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@famulari.name>) id 1fTZHx-0003q4-1S
 for 31833@debbugs.gnu.org; Thu, 14 Jun 2018 16:56:15 -0400
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
 by mailout.nyi.internal (Postfix) with ESMTP id B3EF821CE6;
 Thu, 14 Jun 2018 16:56:12 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
 by compute4.internal (MEProxy); Thu, 14 Jun 2018 16:56:12 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=content-type:date:from:message-id:mime-version:subject:to
 :x-me-sender:x-me-sender:x-sasl-enc; s=mesmtp; bh=ve0MiyYmtbXQAH
 +PhKCcUJEF4BmoV9Y9YuY5/pLhE0g=; b=F4hhVtb9OKouuiMpbTRm3AuTqXemYE
 1sinRK0GgtPi7BjyAwlKNkA790hzBiegGiFccMUsoqAmE0pDzi7SfPfYQwKYOc0b
 HiEDQU7CRiGaBJeYWZqy1Gj7cL8cgNirQzPFp2zDF1uXOPDHaXJoN/o/cH7YZ4My
 6jovEfUeLJTZc=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=content-type:date:from:message-id
 :mime-version:subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=
 fm3; bh=ve0MiyYmtbXQAH+PhKCcUJEF4BmoV9Y9YuY5/pLhE0g=; b=ovjdTvcC
 mD9IyaPxGf9xmxAgdP6nvZ4Z2DGzFRcodbmOZZmbfPMrV9jbFpQdCCK2bv46bRuq
 2t3aKI+4TybpDTGcsLJzYX67JcTq8CWhfpRt6aOA8uQtMm1Vn9C0DCL7qHzOzKXB
 ot61wv/BgCQjDjeAdwB6JDFhXjNm+S5BdK32SxgYamFZkb25DEHNuRLY9MxQUx84
 PJlU/nshOXWDGgT3t1NGZnQiIcPSIJ+XGgXGuHKQS9hJlwo6Y+YEn23sopN4MxNR
 akUjYCMXNcNHiC4E3j+jGcLd5bSfU+R5ukD1ZonZ+sJnMJLW2tV/6JBsi8iYc2Si
 XDtEqmV7J9MgYA==
X-ME-Proxy: <xmx:bNYiWyEKCEACWSBYZEWfb_4KfKi6caLp9qM8Xw-VZIW29vikiCl52A>
 <xmx:bNYiW_n2POAadUR5kNSmSnR4I0NWgOLgf8EKGBxZEq6Stqx3bfYZ9A>
 <xmx:bNYiW1xmTffKEXwbTWSyOlJWC0c7_zhAd1OwRPQ4PvfUbE03Z3kDMA>
 <xmx:bNYiW8Zu2m0qBl3vU3_FRVsCFcVv3x3sAWXEYkTrlTFNSrFu1Rtc5w>
 <xmx:bNYiWxuL6cc7FU6LBLWZcgzVMoF2N0hc_gHCBbbcCISwNmlkBJL5og>
 <xmx:bNYiW5DGgFe4aa8kJBR5vf89yEpkDgp6e_TKhrTOgEEr2Op6shNBbw>
X-ME-Sender: <xms:bNYiW4F8QqJ2Iucm86JeOVioEoJckH7F1mnV6_bSp5uEl6em5ljBiQ>
Received: from localhost (c-76-124-202-137.hsd1.pa.comcast.net
 [76.124.202.137])
 by mail.messagingengine.com (Postfix) with ESMTPA id 4608DE407B
 for <31833@debbugs.gnu.org>; Thu, 14 Jun 2018 16:56:12 -0400 (EDT)
Date: Thu, 14 Jun 2018 16:56:11 -0400
From: Leo Famulari <leo@famulari.name>
To: 31833@debbugs.gnu.org
Subject: Updated patch for OpenSSL 1.1.0 CVE-2018-{0495,0732}
Message-ID: <20180614205611.GA11105@jasmine.lan>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="V0207lvV8h4k8FAm"
Content-Disposition: inline
User-Agent: Mutt/1.10.0 (2018-05-17)
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 31833
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)


--V0207lvV8h4k8FAm
Content-Type: multipart/mixed; boundary="fUYQa+Pmc3FrFX/N"
Content-Disposition: inline


--fUYQa+Pmc3FrFX/N
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Sorry, my previous patch did not work. The patch for CVE-2018-0495
failed to apply a hunk to the upstream changelog.

--fUYQa+Pmc3FrFX/N
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="0001-gnu-OpenSSL-1.1.0-Fix-CVE-2018-0495-0732.patch"
Content-Transfer-Encoding: quoted-printable

=46rom d8952c1d3b2ebe885ed6b6f316dcce09ee8eeba1 Mon Sep 17 00:00:00 2001
=46rom: Leo Famulari <leo@famulari.name>
Date: Thu, 14 Jun 2018 16:30:57 -0400
Subject: [PATCH] gnu: OpenSSL 1.1.0: Fix CVE-2018-{0495,0732}.

* gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch,
gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/tls.scm (openssl-next)[source]: Use them.
---
 gnu/local.mk                                  |   2 +
 .../patches/openssl-1.1.0-CVE-2018-0495.patch | 152 ++++++++++++++++++
 .../patches/openssl-1.1.0-CVE-2018-0732.patch |  50 ++++++
 gnu/packages/tls.scm                          |   4 +-
 4 files changed, 207 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch
 create mode 100644 gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index e9d572922..27fb18a05 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -975,6 +975,8 @@ dist_patch_DATA =3D						\
   %D%/packages/patches/openssl-runpath.patch			\
   %D%/packages/patches/openssl-1.0.2-CVE-2018-0495.patch	\
   %D%/packages/patches/openssl-1.0.2-CVE-2018-0732.patch	\
+  %D%/packages/patches/openssl-1.1.0-CVE-2018-0495.patch	\
+  %D%/packages/patches/openssl-1.1.0-CVE-2018-0732.patch	\
   %D%/packages/patches/openssl-1.1.0-c-rehash-in.patch		\
   %D%/packages/patches/openssl-c-rehash-in.patch		\
   %D%/packages/patches/orpheus-cast-errors-and-includes.patch	\
diff --git a/gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch b/gnu/p=
ackages/patches/openssl-1.1.0-CVE-2018-0495.patch
new file mode 100644
index 000000000..15dedbcbd
--- /dev/null
+++ b/gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch
@@ -0,0 +1,152 @@
+Fix CVE-2018-0495:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2018-0495
+https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-th=
e-hidden-number-problem/
+
+Patch copied from upstream source repository:
+
+https://github.com/openssl/openssl/commit/0c27d793745c7837b13646302b6890a5=
56b7017a
+
+From 0c27d793745c7837b13646302b6890a556b7017a Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Fri, 25 May 2018 12:10:13 +0100
+Subject: [PATCH] Add blinding to an ECDSA signature
+
+Keegan Ryan (NCC Group) has demonstrated a side channel attack on an
+ECDSA signature operation. During signing the signer calculates:
+
+s:=3D k^-1 * (m + r * priv_key) mod order
+
+The addition operation above provides a sufficient signal for a
+flush+reload attack to derive the private key given sufficient signature
+operations.
+
+As a mitigation (based on a suggestion from Keegan) we add blinding to
+the operation so that:
+
+s :=3D k^-1 * blind^-1 (blind * m + blind * r * priv_key) mod order
+
+Since this attack is a localhost side channel only no CVE is assigned.
+
+Reviewed-by: Rich Salz <rsalz@openssl.org>
+---
+ CHANGES                |  4 +++
+ crypto/ec/ecdsa_ossl.c | 70 +++++++++++++++++++++++++++++++++++++-----
+ 2 files changed, 67 insertions(+), 7 deletions(-)
+
+diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c
+index 72e2f0f28b..449be0e92a 100644
+--- a/crypto/ec/ecdsa_ossl.c
++++ b/crypto/ec/ecdsa_ossl.c
+@@ -210,7 +210,8 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dg=
st, int dgst_len,
+                                EC_KEY *eckey)
+ {
+     int ok =3D 0, i;
+-    BIGNUM *kinv =3D NULL, *s, *m =3D NULL, *tmp =3D NULL;
++    BIGNUM *kinv =3D NULL, *s, *m =3D NULL, *tmp =3D NULL, *blind =3D NUL=
L;
++    BIGNUM *blindm =3D NULL;
+     const BIGNUM *order, *ckinv;
+     BN_CTX *ctx =3D NULL;
+     const EC_GROUP *group;
+@@ -243,8 +244,18 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *d=
gst, int dgst_len,
+     }
+     s =3D ret->s;
+=20
+-    if ((ctx =3D BN_CTX_new()) =3D=3D NULL ||
+-        (tmp =3D BN_new()) =3D=3D NULL || (m =3D BN_new()) =3D=3D NULL) {
++    ctx =3D BN_CTX_secure_new();
++    if (ctx =3D=3D NULL) {
++        ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE);
++        goto err;
++    }
++
++    BN_CTX_start(ctx);
++    tmp =3D BN_CTX_get(ctx);
++    m =3D BN_CTX_get(ctx);
++    blind =3D BN_CTX_get(ctx);
++    blindm =3D BN_CTX_get(ctx);
++    if (blindm =3D=3D NULL) {
+         ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE);
+         goto err;
+     }
+@@ -284,18 +295,64 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *=
dgst, int dgst_len,
+             }
+         }
+=20
+-        if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) {
++        /*
++         * The normal signature calculation is:
++         *
++         *   s :=3D k^-1 * (m + r * priv_key) mod order
++         *
++         * We will blind this to protect against side channel attacks
++         *
++         *   s :=3D k^-1 * blind^-1 * (blind * m + blind * r * priv_key) =
mod order
++         */
++
++        /* Generate a blinding value */
++        do {
++            if (!BN_rand(blind, BN_num_bits(order) - 1, BN_RAND_TOP_ANY,
++                         BN_RAND_BOTTOM_ANY))
++                goto err;
++        } while (BN_is_zero(blind));
++        BN_set_flags(blind, BN_FLG_CONSTTIME);
++        BN_set_flags(blindm, BN_FLG_CONSTTIME);
++        BN_set_flags(tmp, BN_FLG_CONSTTIME);
++
++        /* tmp :=3D blind * priv_key * r mod order */
++        if (!BN_mod_mul(tmp, blind, priv_key, order, ctx)) {
+             ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
+             goto err;
+         }
+-        if (!BN_mod_add_quick(s, tmp, m, order)) {
++        if (!BN_mod_mul(tmp, tmp, ret->r, order, ctx)) {
+             ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
+             goto err;
+         }
++
++        /* blindm :=3D blind * m mod order */
++        if (!BN_mod_mul(blindm, blind, m, order, ctx)) {
++            ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
++            goto err;
++        }
++
++        /* s : =3D (blind * priv_key * r) + (blind * m) mod order */
++        if (!BN_mod_add_quick(s, tmp, blindm, order)) {
++            ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
++            goto err;
++        }
++
++        /* s:=3D s * blind^-1 mod order */
++        if (BN_mod_inverse(blind, blind, order, ctx) =3D=3D NULL) {
++            ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
++            goto err;
++        }
++        if (!BN_mod_mul(s, s, blind, order, ctx)) {
++            ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
++            goto err;
++        }
++
++        /* s :=3D s * k^-1 mod order */
+         if (!BN_mod_mul(s, s, ckinv, order, ctx)) {
+             ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
+             goto err;
+         }
++
+         if (BN_is_zero(s)) {
+             /*
+              * if kinv and r have been supplied by the caller don't to
+@@ -317,9 +374,8 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dg=
st, int dgst_len,
+         ECDSA_SIG_free(ret);
+         ret =3D NULL;
+     }
++    BN_CTX_end(ctx);
+     BN_CTX_free(ctx);
+-    BN_clear_free(m);
+-    BN_clear_free(tmp);
+     BN_clear_free(kinv);
+     return ret;
+ }
+--=20
+2.17.1
+
diff --git a/gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch b/gnu/p=
ackages/patches/openssl-1.1.0-CVE-2018-0732.patch
new file mode 100644
index 000000000..dfea6e7d0
--- /dev/null
+++ b/gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch
@@ -0,0 +1,50 @@
+Fix CVE-2018-0732:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2018-0732
+
+Patch copied from upstream source repository:
+
+https://github.com/openssl/openssl/commit/ea7abeeabf92b7aca160bdd0208636d4=
da69f4f4
+
+From ea7abeeabf92b7aca160bdd0208636d4da69f4f4 Mon Sep 17 00:00:00 2001
+From: Guido Vranken <guidovranken@gmail.com>
+Date: Mon, 11 Jun 2018 19:38:54 +0200
+Subject: [PATCH] Reject excessively large primes in DH key generation.
+
+CVE-2018-0732
+
+Signed-off-by: Guido Vranken <guidovranken@gmail.com>
+
+(cherry picked from commit 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe)
+
+Reviewed-by: Tim Hudson <tjh@openssl.org>
+Reviewed-by: Matt Caswell <matt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/6457)
+---
+ crypto/dh/dh_key.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
+index fce9ff47f3..58003d7087 100644
+--- a/crypto/dh/dh_key.c
++++ b/crypto/dh/dh_key.c
+@@ -78,10 +78,15 @@ static int generate_key(DH *dh)
+     int ok =3D 0;
+     int generate_new_key =3D 0;
+     unsigned l;
+-    BN_CTX *ctx;
++    BN_CTX *ctx =3D NULL;
+     BN_MONT_CTX *mont =3D NULL;
+     BIGNUM *pub_key =3D NULL, *priv_key =3D NULL;
+=20
++    if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
++        DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE);
++        return 0;
++    }
++
+     ctx =3D BN_CTX_new();
+     if (ctx =3D=3D NULL)
+         goto err;
+--=20
+2.17.1
+
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index a582fb152..3912d9e2f 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -415,7 +415,9 @@ required structures.")
                         (string-append "ftp://ftp.openssl.org/source/old/"
                                        (string-trim-right version char-set=
:letter)
                                        "/" name "-" version ".tar.gz")))
-              (patches (search-patches "openssl-1.1.0-c-rehash-in.patch"))
+              (patches (search-patches "openssl-1.1.0-c-rehash-in.patch"
+                                       "openssl-1.1.0-CVE-2018-0495.patch"
+                                       "openssl-1.1.0-CVE-2018-0732.patch"=
))
               (sha256
                (base32
                 "05x509lccqjscgyi935z809pwfm708islypwhmjnb6cyvrn64daq"))))
--=20
2.17.1


--fUYQa+Pmc3FrFX/N--

--V0207lvV8h4k8FAm
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlsi1msACgkQJkb6MLrK
fwjxURAAxvB9V9f9RxOyji61J5HrX0seezQjzer9KDHmIFoGpOdatkXbncnjh6JY
fOS1846ilzcl4IBzKozp6Rz4DGrypm0slmiyWsl2ub1deTkfwoRgxwhCyheatg0h
TV5h4AaJ961fhUtllcSG7P5MYdOpSo3vtvsfUOhRdXR2SFFKzp9/eD7nkdPT8xD+
FpQrWpYxggHnFdhow0r3Lc/XLas8Om6kmGr1c4rAFrtZdiyRe1B2yeJ4z9zP5FDj
qdHI/Sz9n2V31hIecy/Nl+H2A2d4umDksDByqpk6WXNd4J3zbRMeQBhhQZCqU7Ko
nbpTZutXDMhIObdqIvKcy80b5jtmdtjwouNIv0kCB4paVcBL2RQHIOTRpi9TtHF7
ZrqGQBJZtIyoOdgOcRgjt02wuiEesK/qMs+VtLsJU2qcaHySo7J7uZ8DPaff/bT/
VBNkGZUmDXfVW7twqZSHrhM9uDox3jrTZpuQJZYdNw90GKlSVFB37Fy/8GNWOk7m
JhTnf8DBCAYqYLR6u32FLp4eE0sSqmos78hVJQHRB3hrq/39IUk94WsrJdfdF9DH
IH+6DdkpbHHy4D1tvLoh5e6u5OvcOQHiBd/PNgH3xaPVaGK920VddvOgUu0QOLRl
coNHVS47RSuLhGC8NziSFPdASrJuoLrZZqbziOUG/YyMMwvfA3s=
=j+uP
-----END PGP SIGNATURE-----

--V0207lvV8h4k8FAm--




From debbugs-submit-bounces@debbugs.gnu.org Sat Jun 16 12:09:20 2018
Received: (at 31833) by debbugs.gnu.org; 16 Jun 2018 16:09:20 +0000
Received: from localhost ([127.0.0.1]:51866 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1fUDlP-0005lb-2Z
	for submit@debbugs.gnu.org; Sat, 16 Jun 2018 12:09:20 -0400
Received: from eggs.gnu.org ([208.118.235.92]:50383)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1fUDlL-0005lN-Qc
 for 31833@debbugs.gnu.org; Sat, 16 Jun 2018 12:09:18 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <ludo@gnu.org>) id 1fUDlD-0006Gx-0o
 for 31833@debbugs.gnu.org; Sat, 16 Jun 2018 12:09:10 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=disabled
 version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:38209)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
 id 1fUDlC-0006Gs-St; Sat, 16 Jun 2018 12:09:06 -0400
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=39132 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@gnu.org>)
 id 1fUDlC-0003iT-Cz; Sat, 16 Jun 2018 12:09:06 -0400
From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=)
To: Leo Famulari <leo@famulari.name>
Subject: Re: [bug#31833] Updated patch for OpenSSL 1.1.0 CVE-2018-{0495,0732}
References: <b6484c2fe116b4bb28b4b34723ad8a07f5f5e50b.1529008990.git.leo@famulari.name>
 <20180614205611.GA11105@jasmine.lan>
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: 28 Prairial an 226 de la =?utf-8?Q?R=C3=A9volution?=
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-pc-linux-gnu
Date: Sat, 16 Jun 2018 18:09:05 +0200
In-Reply-To: <20180614205611.GA11105@jasmine.lan> (Leo Famulari's message of
 "Thu, 14 Jun 2018 16:56:11 -0400")
Message-ID: <87zhzuogri.fsf@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 31833
Cc: 31833@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -6.0 (------)

Hi Leo,

Leo Famulari <leo@famulari.name> skribis:

> From d8952c1d3b2ebe885ed6b6f316dcce09ee8eeba1 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <leo@famulari.name>
> Date: Thu, 14 Jun 2018 16:30:57 -0400
> Subject: [PATCH] gnu: OpenSSL 1.1.0: Fix CVE-2018-{0495,0732}.
>
> * gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch,
> gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch: New files.
> * gnu/local.mk (dist_patch_DATA): Add them.
> * gnu/packages/tls.scm (openssl-next)[source]: Use them.

LGTM, thank you!

Ludo=E2=80=99.




From debbugs-submit-bounces@debbugs.gnu.org Mon Jun 18 12:06:11 2018
Received: (at 31833-done) by debbugs.gnu.org; 18 Jun 2018 16:06:11 +0000
Received: from localhost ([127.0.0.1]:55195 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1fUwfT-0007DF-0P
	for submit@debbugs.gnu.org; Mon, 18 Jun 2018 12:06:11 -0400
Received: from out2-smtp.messagingengine.com ([66.111.4.26]:48159)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@famulari.name>) id 1fUwfP-0007D5-0x
 for 31833-done@debbugs.gnu.org; Mon, 18 Jun 2018 12:06:09 -0400
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
 by mailout.nyi.internal (Postfix) with ESMTP id C0026221A1;
 Mon, 18 Jun 2018 12:06:06 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
 by compute4.internal (MEProxy); Mon, 18 Jun 2018 12:06:06 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=cc:content-type:date:from:in-reply-to:message-id:mime-version
 :references:subject:x-me-sender:x-me-sender:x-sasl-enc; s=
 mesmtp; bh=6bI13gGHz7FJ9daQFfHaSOm5v3flfzI6DEsTX6jeit4=; b=g3I1u
 sLHB36oHAQheeH2/7G5WAsCE+QQSVuxfKpDx8d9RPWPhjHLF1RBwy61pk6LbsolB
 y5O/QPPr8abf8HbBqMH8Sbc0wO5xulibVKLWc/sWUXHrIgQzvK6ZulPmB+G1ByFh
 RcLPLuZNgQEl91+5Xu2snZ0MBg8zzO2VsYdfZA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:x-me-sender
 :x-me-sender:x-sasl-enc; s=fm3; bh=6bI13gGHz7FJ9daQFfHaSOm5v3flf
 zI6DEsTX6jeit4=; b=UCNO4Ecftc7Al12NglKKY8gJaqpYNLKYQ3Fbs+WuMADPs
 6Z2qfGHmKP23qUU6TB/IB0yTmRLeFwatHmTs1bC/+zQbkgkP4d/GpZzEkG1g3Nj6
 HE6O7tkFIzkF1wqKpYW4E7ahcwR2fCfp4HgiPF9TSS90BA/43HGbrN/OoVC0tqy6
 dGkm7rNOWQ1rHPFDK6XxTnlR15pJDyYTWXitXyOGvzFZkF/CQyDB0jRQ5P7jNvLq
 ej8wpM2CMjoABSL+NYjZQd/6XMoVm7/DBciDBzAAmuGS/e06jNTANj4TlvTaOEtG
 Wh7NTxMm6xItErXUGkBzTLHYsQ2HJfBWlaYJpxVAg==
X-ME-Proxy: <xmx:btgnW5TtW5tPe_DwMYSq-aIIoFNRuqU-prG2oX-SqaSm3gSHOYmgnw>
 <xmx:btgnW_B6HS56mlXDcOIF9dgKg8ymn7QX5rNe3xQ9IgyioUWefkaknA>
 <xmx:btgnW1G22GEMacFXWCAjHVK7-1oqYIpiOP7N4BXu0rcRx6-tbUMZKg>
 <xmx:btgnW-oHcgv0GjbGWyOsgKwE_22RRhSolN0OIuG8-Y5-Hyn3ELAiOg>
 <xmx:btgnWxgq1D0AxwNWKLQY7hjtawQysSjJloMoq4YzdaN4nEcM5xY07g>
 <xmx:btgnWz-7c5Uge58v8A6hdkjuET9x4tyCuxOvxP29-UmK8yHMb1mD0g>
X-ME-Sender: <xms:btgnW1_G92Pb_-sMFVwnxFtOjrepRjHy7FI2ecpdKz4lxwJGGj44ww>
Received: from localhost (unknown [172.58.225.64])
 by mail.messagingengine.com (Postfix) with ESMTPA id 5398CE4329
 for <31833-done@debbugs.gnu.org>; Mon, 18 Jun 2018 12:06:06 -0400 (EDT)
Date: Mon, 18 Jun 2018 12:06:05 -0400
From: Leo Famulari <leo@famulari.name>
Subject: Re: [bug#31833] Updated patch for OpenSSL 1.1.0 CVE-2018-{0495,0732}
Message-ID: <20180618160605.GA30565@jasmine.lan>
References: <b6484c2fe116b4bb28b4b34723ad8a07f5f5e50b.1529008990.git.leo@famulari.name>
 <20180614205611.GA11105@jasmine.lan> <87zhzuogri.fsf@gnu.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="jRHKVT23PllUwdXP"
Content-Disposition: inline
In-Reply-To: <87zhzuogri.fsf@gnu.org>
User-Agent: Mutt/1.10.0 (2018-05-17)
X-Spam-Score: 0.5 (/)
X-Debbugs-Envelope-To: 31833-done
Cc: 31833-done@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.5 (/)


--jRHKVT23PllUwdXP
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Jun 16, 2018 at 06:09:05PM +0200, Ludovic Court=E8s wrote:
> Hi Leo,
>=20
> Leo Famulari <leo@famulari.name> skribis:
>=20
> > From d8952c1d3b2ebe885ed6b6f316dcce09ee8eeba1 Mon Sep 17 00:00:00 2001
> > From: Leo Famulari <leo@famulari.name>
> > Date: Thu, 14 Jun 2018 16:30:57 -0400
> > Subject: [PATCH] gnu: OpenSSL 1.1.0: Fix CVE-2018-{0495,0732}.
> >
> > * gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch,
> > gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch: New files.
> > * gnu/local.mk (dist_patch_DATA): Add them.
> > * gnu/packages/tls.scm (openssl-next)[source]: Use them.
>=20
> LGTM, thank you!

Thanks! Pushed as 9f162c0ab42d8adecc1e23375ce8cb8090714399

--jRHKVT23PllUwdXP
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlsn2G0ACgkQJkb6MLrK
fwiDFxAAplqUz7lkjai5t7R86Ut+LKoPmvaz9pfF5X7w3CXIhO4hTtq32BPRFcAa
OoJja7qSNSkXk/VR+Q8JVgHiZuTHbPgXapBpuYUsRIVvdCTWa/LBgAeoXtm1DfvZ
29sFfnfoEL33BLRJu4zPZuRwtwioqZHyv4pGvoPx2aJMsD87GPz/MI4X5v49xUo1
aSpy0+Vu+YT/IipEJFUD041RQsGSUpjNPaJvWGz+E76XemG10h5Lxh6AQL2kGxbx
3dpUHjMxQBBdYfAbleaRAeivqpDgkSZSbufaoGuk/9gP0Dru1exr6q8vUD4RQ2dB
M6ExPHBqp3bL0HREo8pp41VeNRuKx5BLbGQ8YVBtMgVyQF6ElVC5v4UdhmDZwaUo
y48IfMLUf4dbJhjc5FUhFfIDu7PUiM6fE2H8RlCKXDuBBBi+MRMCj9SxBWz68Xaz
Qx9HTs1teJyMCCwl4wUe/30k3WSHMXRr0MRQiucifD4D7AJnCnz2tyQoWYUyhgHH
nucwYQptaBE+qN5+rxadJLFoClcNdDYkcFmiOpShjLGyLv9Npjk7InQZmkJ0kt/G
jiaDgib6HH4YvSsIoqlgeSLd/T3F7Y1w+EpG66iLp9bzzoQbnTwWHgsXKE5KTnbn
rQCVMPwJPxYtt1svtmWfDOQJyxtcSTU3KaeymKEseMAZuaGuYRE=
=5W6+
-----END PGP SIGNATURE-----

--jRHKVT23PllUwdXP--




From unknown Fri Jun 20 19:46:37 2025
Received: (at fakecontrol) by fakecontrolmessage;
To: internal_control@debbugs.gnu.org
From: Debbugs Internal Request <help-debbugs@gnu.org>
Subject: Internal Control
Message-Id: bug archived.
Date: Tue, 17 Jul 2018 11:24:04 +0000
User-Agent: Fakemail v42.6.9

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator