summary refs log tree commit diff
diff options
context:
space:
mode:
authorPierre Langlois <pierre.langlois@gmx.com>2018-02-08 09:57:41 +0000
committerLudovic Courtès <ludo@gnu.org>2018-02-15 10:23:42 +0100
commit6ca15c9ef615979862a07c02bd316e7f12a0c7ca (patch)
tree448aaf537b5691fbe1b328c98fa24c61c03550b3
parent9859b5c190b43a2d53f03f1ac71bad20c74b632b (diff)
downloadguix-6ca15c9ef615979862a07c02bd316e7f12a0c7ca.tar.gz
gnu: crypto++: Update to 6.0.0.
* gnu/packages/crypto.scm (crypto++): Update to 6.0.0.
* gnu/packages/patches/crypto++-fix-dos-in-asn.1-decoders.patch: Delete
file.
* gnu/local.mk (dist_patch_DATA): Remove it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/crypto.scm6
-rw-r--r--gnu/packages/patches/crypto++-fix-dos-in-asn.1-decoders.patch65
3 files changed, 2 insertions, 70 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index c5c9278201..4a258dd3cd 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -599,7 +599,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/crawl-upgrade-saves.patch		\
   %D%/packages/patches/crda-optional-gcrypt.patch		\
   %D%/packages/patches/crossmap-allow-system-pysam.patch	\
-  %D%/packages/patches/crypto++-fix-dos-in-asn.1-decoders.patch \
   %D%/packages/patches/clucene-contribs-lib.patch               \
   %D%/packages/patches/cube-nocheck.patch			\
   %D%/packages/patches/cursynth-wave-rand.patch			\
diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm
index 5e5bc4de05..225c26378d 100644
--- a/gnu/packages/crypto.scm
+++ b/gnu/packages/crypto.scm
@@ -583,7 +583,7 @@ data on your platform, so the seed itself will be as random as possible.
 (define-public crypto++
   (package
     (name "crypto++")
-    (version "5.6.5")
+    (version "6.0.0")
     (source (origin
               (method url-fetch/zipbomb)
               (uri (string-append "https://cryptopp.com/cryptopp"
@@ -591,9 +591,7 @@ data on your platform, so the seed itself will be as random as possible.
                                   ".zip"))
               (sha256
                (base32
-                "0d1cqdz369ivi082k59025wvxzywvkizw7i0pf5h0a1izs3g8pm7"))
-              (patches
-               (search-patches "crypto++-fix-dos-in-asn.1-decoders.patch"))))
+                "1nidm6xbdza5cbgf5md2zznmaq692rfyjasycwipl6rzdfwjvb34"))))
     (build-system gnu-build-system)
     (arguments
      `(#:make-flags
diff --git a/gnu/packages/patches/crypto++-fix-dos-in-asn.1-decoders.patch b/gnu/packages/patches/crypto++-fix-dos-in-asn.1-decoders.patch
deleted file mode 100644
index 88b2e7f25a..0000000000
--- a/gnu/packages/patches/crypto++-fix-dos-in-asn.1-decoders.patch
+++ /dev/null
@@ -1,65 +0,0 @@
-From 3d9181d7bdd8e491f745dbc9e34bd20b6f6da069 Mon Sep 17 00:00:00 2001
-From: Gergely Nagy <ngg@tresorit.com>
-Date: Wed, 14 Dec 2016 13:19:01 +0100
-Subject: [PATCH] Fix possible DoS in ASN.1 decoders (CVE-2016-9939)
-
----
- asn.cpp | 10 ++++++++++
- asn.h   |  2 ++
- 2 files changed, 12 insertions(+)
-
-diff --git a/asn.cpp b/asn.cpp
-index 297ff010..2e923ef7 100644
---- a/asn.cpp
-+++ b/asn.cpp
-@@ -123,6 +123,8 @@ size_t BERDecodeOctetString(BufferedTransformation &bt, SecByteBlock &str)
- 	size_t bc;

- 	if (!BERLengthDecode(bt, bc))

- 		BERDecodeError();

-+	if (bc > bt.MaxRetrievable())

-+		BERDecodeError();

- 

- 	str.New(bc);

- 	if (bc != bt.Get(str, bc))

-@@ -139,6 +141,8 @@ size_t BERDecodeOctetString(BufferedTransformation &bt, BufferedTransformation &
- 	size_t bc;

- 	if (!BERLengthDecode(bt, bc))

- 		BERDecodeError();

-+	if (bc > bt.MaxRetrievable())

-+		BERDecodeError();

- 

- 	bt.TransferTo(str, bc);

- 	return bc;

-@@ -161,6 +165,8 @@ size_t BERDecodeTextString(BufferedTransformation &bt, std::string &str, byte as
- 	size_t bc;

- 	if (!BERLengthDecode(bt, bc))

- 		BERDecodeError();

-+	if (bc > bt.MaxRetrievable())

-+		BERDecodeError();

- 

- 	SecByteBlock temp(bc);

- 	if (bc != bt.Get(temp, bc))

-@@ -188,6 +194,10 @@ size_t BERDecodeBitString(BufferedTransformation &bt, SecByteBlock &str, unsigne
- 	size_t bc;

- 	if (!BERLengthDecode(bt, bc))

- 		BERDecodeError();

-+	if (bc == 0)

-+		BERDecodeError();

-+	if (bc > bt.MaxRetrievable())

-+		BERDecodeError();

- 

- 	byte unused;

- 	if (!bt.Get(unused))

-diff --git a/asn.h b/asn.h
-index ed9de52c..33f0dd09 100644
---- a/asn.h
-+++ b/asn.h
-@@ -498,6 +498,8 @@ void BERDecodeUnsigned(BufferedTransformation &in, T &w, byte asnTag = INTEGER,
- 	bool definite = BERLengthDecode(in, bc);

- 	if (!definite)

- 		BERDecodeError();

-+	if (bc > in.MaxRetrievable())

-+		BERDecodeError();

- 

- 	SecByteBlock buf(bc);

-