From aec6329fe6b56821fd643ccaacb4d5d61f4eaad6 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Wed, 20 Dec 2023 13:50:54 +0000 Subject: gentoo auto-resync : 20:12:2023 - 13:50:54 --- app-crypt/mhash/Manifest | 3 ++- .../mhash/files/mhash-0.9.9.9-hmac-uaf-test.patch | 19 +++++++++++++++++++ app-crypt/mhash/mhash-0.9.9.9-r3.ebuild | 1 + 3 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 app-crypt/mhash/files/mhash-0.9.9.9-hmac-uaf-test.patch (limited to 'app-crypt/mhash') diff --git a/app-crypt/mhash/Manifest b/app-crypt/mhash/Manifest index c4fea5b723b1..fe1fd50e4a6a 100644 --- a/app-crypt/mhash/Manifest +++ b/app-crypt/mhash/Manifest @@ -5,9 +5,10 @@ AUX mhash-0.9.9-fix-whirlpool-segfault.patch 915 BLAKE2B 6ba9474d77a237df205943d AUX mhash-0.9.9.9-align.patch 2870 BLAKE2B ebb476db00de0ea7a816b0748c17be261a3a30decb4c9647acbf4cc223fea5c7adf1460742de9861d052a264498cd2680dd306f4ba0e1f64f14bafe39856954a SHA512 95f29f71da608943bdb0f3510fb9ceb7ab78221a446449024abb0dda95ac9f6629696f8f6ebfe076b235cb9f2d52571ae2e64beefbf4d196fcd94b6ced07d416 AUX mhash-0.9.9.9-alignment.patch 412 BLAKE2B a08862c748f2b8591696481984e6cbcc3f3c310ba1cf0dda4a0e91571803b9a8be0567691f946300a61521c2b4a5236b303f929089a844283300d292f04fcea9 SHA512 4d42a8ca8e2ce21fe92ce2f85936e431e277e9e7b5430d9d2a254fe9bacd4ae95139f60b0a5af4a4d962965ca550e74fc45a4d357d3867f54bc523f9f74f9b1f AUX mhash-0.9.9.9-force64bit-tiger.patch 372 BLAKE2B cdce999eba8fea0ebb47b29297b71d014377db53c1cdf88c15f2075e6279e8e42031f94ce9f1987ed5c6b8cf4067f485b5ea298145961f06e4cb09ef8ec9a961 SHA512 cf31ca18afce576dcaa5b7a2a20567dc73ef750a193dfa35265508974bc17c54e967a02fb575047edcc190178a7533971d7f4980cd605714e9c0cefb4aa33186 +AUX mhash-0.9.9.9-hmac-uaf-test.patch 607 BLAKE2B 3575c41c61ac93e21601aa47e70a5633d9f5246f339a73a4fb9cc9c68f14f3faa6f1f319c75bfe1219c61fbff57296df80a117bdbd4c105bf226b1939dc9fe0c SHA512 799ae837aaeea00939a069d0d2e30a2c44672a4428598e77f747a85035865df23768884ddba046b6995e9f0f335175991aec40ed61dfb4cf3ec3f6fd01e18023 AUX mhash-0.9.9.9-no-malloc-check.patch 776 BLAKE2B 956fc4dae9fd3ee0416b086c781882be8e97042db99e002d0e9e759db560bcc24228363499664034ee92ffc566b734add957c1614ce835be7627946ab06cdfc2 SHA512 7c891822e2a5dd52610219dbb7e6a2a5eb9064842b73365cf2b10ef1b6bf951108220b9840a1fe61a5b001261288f8ec9dd7b0c7926b1d8cbce724bb14b0397a AUX mhash-0.9.9.9-remove_premature_free.patch 285 BLAKE2B 7245b1241bbb0001ac588554a3069b6665eeb424c2420dbb6948c68278036e0dec7c16f6a0bec059b54cadd617362e8086b918673d3063aa42598fba952aab26 SHA512 66dcdbfcbd298cde83ab026ff075a09b91662a17f48f9e6c41284513e7ccb398d34f3bef3b72c684a52b9bab43f0fe3d6a751403dc412e66814e5d6ae3160b31 AUX mhash.pc 113 BLAKE2B 124a12d80c1efd3a49b12cbb9d6b56f4af0525757610adc918bb62800c713a63fa53fa1d454b9d38048bbdb1967b3f9d8ae8e07bde909dfc6a4218517cee1515 SHA512 3e9afc4976f26c48817d9dcb5896e410831bfcde3747be3ef62845617b9bad866da5243a965b801e6699121b45b17913471bb5370d7f522e2abd7fbce30c7690 DIST mhash-0.9.9.9.tar.gz 931437 BLAKE2B 2daed92b731148c388d4340e67d99959f71783e68617614c9be797dae655ba1aeb087d4f604015edb752dedc2d69add305510996a06633ef26fd997ab7601bed SHA512 82ad8b8e9b0463c5a14f5c0e572badc42c4697bac5505443b144287b3f8510b1410721b4277f092a0d6045c4342e997831011cdfcbfa8f1dae6edd5d9e3cefee -EBUILD mhash-0.9.9.9-r3.ebuild 1577 BLAKE2B 3e9e78d07b09f06f68428041234e31fc6d7293d3bb5ab56a8535135ec9344395c2dbeaaab140845eb779ef90b94784f09c57d6f6c3c397a62766c375845434eb SHA512 e7fa5180ac14560bd6eb5fbf59e24f1eaf226b5bbd6e278d35afde30b831ebb511586c89075e5be5645d1f6a4bdf8ad54b4b67da7da87410068b25c45d324cfd +EBUILD mhash-0.9.9.9-r3.ebuild 1617 BLAKE2B 395592ac68ab3a9953ca18ee160eddb40d93eb96a6a6abcdb5fcd3a0b3e7b8cb4a0c677b58e86390bd21ced6235bc85b55659c01f61d67019f9cf5579de8ad8f SHA512 676cb487ab73a9087d625bd86f9bfe8eea8576dfef57fe9b34892c4df5fa23d3f16188837eee9b445e1df066ed8f4b7c26903925dd06be4ed6e95e0c9af82f1e MISC metadata.xml 243 BLAKE2B 4c6b49b93d1fdaacdd5ae595bbaf340370e48e5df568540efc566f7070ec80d33d1bb0d3c26f975f32d94eaf02b077057da160608630138520e2efb2e70bfa4f SHA512 089a87cbbfe31db3fe8b552698ef7b84254c748d6d7913c2bcc5ba6f167d40c4da8a872b56934dc96a7c16049f942c1c3d7d87a6b88ecf5706347447ed9cbf6a diff --git a/app-crypt/mhash/files/mhash-0.9.9.9-hmac-uaf-test.patch b/app-crypt/mhash/files/mhash-0.9.9.9-hmac-uaf-test.patch new file mode 100644 index 000000000000..cd9b3c041891 --- /dev/null +++ b/app-crypt/mhash/files/mhash-0.9.9.9-hmac-uaf-test.patch @@ -0,0 +1,19 @@ +https://bugs.gentoo.org/914173 +https://sourceforge.net/p/mhash/patches/12/ +https://sourceforge.net/p/mhash/bugs/43/ + +Fixes a segfault due to use-after-free on x86 & ARM in the test suite. + +Index: mhash-0.9.9.9/src/hmac_test.c +=================================================================== +--- mhash-0.9.9.9/src/hmac_test.c ++++ mhash-0.9.9.9/src/hmac_test.c 2020-04-01 00:04:44.039815882 +0200 +@@ -76,8 +76,6 @@ + + /* Test No 2 */ + +- mutils_memset(tmp, 0, sizeof(tmp)); +- + passlen=sizeof(KEY2) - 1; + password = (mutils_word8 *) mutils_malloc(passlen+1); + mutils_memcpy(password, KEY2, passlen); diff --git a/app-crypt/mhash/mhash-0.9.9.9-r3.ebuild b/app-crypt/mhash/mhash-0.9.9.9-r3.ebuild index e2dff3f8b8ba..59e8dcb9010e 100644 --- a/app-crypt/mhash/mhash-0.9.9.9-r3.ebuild +++ b/app-crypt/mhash/mhash-0.9.9.9-r3.ebuild @@ -26,6 +26,7 @@ PATCHES=( "${FILESDIR}"/${P}-align.patch "${FILESDIR}"/${P}-alignment.patch "${FILESDIR}"/${P}-no-malloc-check.patch + "${FILESDIR}"/${P}-hmac-uaf-test.patch ) DOCS=( doc/example.c doc/skid2-authentication ) -- cgit v1.2.3