From fe1c8b732bd548b699d4c2ef725f67f8b8c8911c Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Fri, 4 May 2018 11:22:40 +0100 Subject: gentoo resync : 04.05.2018 --- dev-libs/openssl/Manifest | 1 - .../files/openssl-1.1.0g-CVE-2017-3738.patch | 77 ---------------------- 2 files changed, 78 deletions(-) delete mode 100644 dev-libs/openssl/files/openssl-1.1.0g-CVE-2017-3738.patch (limited to 'dev-libs/openssl') diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest index 8e9d61d2a904..242a0c2709ef 100644 --- a/dev-libs/openssl/Manifest +++ b/dev-libs/openssl/Manifest @@ -5,7 +5,6 @@ AUX openssl-0.9.8h-ldflags.patch 1151 BLAKE2B b215e46c380e571f153445f902803cf5d0 AUX openssl-0.9.8m-binutils.patch 684 BLAKE2B 35650e98595910d2e6b6fc846b49fecbb2a8e4a8b647bbec009a829ae4af8afdc7e7edac7a1eec8f13af1ad69b7036ca6af28bfd9509e6bba58f2b3906d6bdd5 SHA512 5e8a20111bd4809e7375c7323dab2c2edd6a131d1ec2377ee99c5e06ceb7b4b000e9606ba6d0e68cd67d8e001cc8194e11e301eace0feb066d5f3c5b331b5f04 AUX openssl-0.9.8z_p8-perl-5.26.patch 310 BLAKE2B 29c46391d127cd2b1cb3943f1bb162a8b931e455f35f9e045372102d1461e3e3fd4cf4e4f544ec06a0b46a573d2009c8decf22678df03707c2487bade64f27b5 SHA512 b8e745ff90e447b000ace9cfd5f746c1bc8f3bb8249064d1d2f1072a1a628f5a89c405c7f384c73f0310f2a2f7af672950a9b7adbc583b1ee94b41d911b8a708 AUX openssl-1.0.2a-x32-asm.patch 1561 BLAKE2B ee5e5b91e4babacff71edf36cce80fbcb2b8dbb9a7ea63a816d3a5de544fbffd8b4216d7a95bd44e718c7a83dd8b8b5ad85caed4205eab5de566b0b7e5054fc1 SHA512 fbb23393e68776e9d34953f85ba3cbb285421d50f06bd297b485c7cffc8d89ca8caff6783f21038ae668b5c75056c89dc652217ac8609b5328e2c28e70ac294c -AUX openssl-1.1.0g-CVE-2017-3738.patch 2317 BLAKE2B 93ec481b15075ecb94c175659314d6e5a90c1a513d8e82948823bce8c51214e7e27f72a56f9043f0771d5458159f1844e4ac8f6d12d0ed78cbc75a1b9630094b SHA512 4b033443d49d385d6ef9e89975af0e1d8108b97d28492239a427ac15ecc4e9c995b6a0df324361baefbe3ae04ecb97508ad7c80eb22b5b4a157a1a1b5c875b61 AUX openssl-1.1.0h-CVE-2018-0737.patch 996 BLAKE2B 4b4d6e619a508f36f4fdc00c0066d1160ff7f6cd301cd799405d37b3236ebb69b11a4ccf9baa9ea3a69f21c6fe8550b440c1a3503ec27a5a9c5d1e4d472e2b57 SHA512 833712f0ae355aed6547ccf49447d50bdb7be1ea3c3b3b51f182f6e0eb17692c78ca90341a151985b35b86800cf6229926f3e3af936741d437ab9ac5444987c0 DIST openssl-0.9.8zh.tar.gz 3818524 BLAKE2B 610bb4858900983cf4519fa8b63f1e03b3845e39e68884fd8bebd738cd5cd6c2c75513643af49bf9e2294adc446a6516480fe9b62de55d9b6379bf9e7c5cd364 SHA512 b97fa2468211f86c0719c68ad1781eff84f772c479ed5193d6da14bac086b4ca706e7d851209d9df3f0962943b5e5333ab0def00110fb2e517caa73c0c6674c6 DIST openssl-1.0.2-patches-1.0.tar.xz 11572 BLAKE2B bdb9d2b8388f1aadf3a9274133aa8f86b0029fae1ce86d005baa39a7347657f8d4d84395b54e8ccd67944356ee197dfb527f843b4f146e305533e2ad5450721d SHA512 15234ade359a0acf001cf10c7a7fc05f54603a44c67831529c2a6eda03342f9ba1cf40664ac782b5b73c50b23ec5649fb48ccff2aea8f0df2ef634959c47e3e9 diff --git a/dev-libs/openssl/files/openssl-1.1.0g-CVE-2017-3738.patch b/dev-libs/openssl/files/openssl-1.1.0g-CVE-2017-3738.patch deleted file mode 100644 index 4b01feb8e873..000000000000 --- a/dev-libs/openssl/files/openssl-1.1.0g-CVE-2017-3738.patch +++ /dev/null @@ -1,77 +0,0 @@ -From e502cc86df9dafded1694fceb3228ee34d11c11a Mon Sep 17 00:00:00 2001 -From: Andy Polyakov -Date: Fri, 24 Nov 2017 11:35:50 +0100 -Subject: [PATCH] bn/asm/rsaz-avx2.pl: fix digit correction bug in - rsaz_1024_mul_avx2. - -Credit to OSS-Fuzz for finding this. - -CVE-2017-3738 - -Reviewed-by: Rich Salz ---- - crypto/bn/asm/rsaz-avx2.pl | 15 +++++++-------- - 1 file changed, 7 insertions(+), 8 deletions(-) - -diff --git a/crypto/bn/asm/rsaz-avx2.pl b/crypto/bn/asm/rsaz-avx2.pl -index 0c1b236ef98..46d746b7d0e 100755 ---- a/crypto/bn/asm/rsaz-avx2.pl -+++ b/crypto/bn/asm/rsaz-avx2.pl -@@ -246,7 +246,7 @@ - vmovdqu 32*8-128($ap), $ACC8 - - lea 192(%rsp), $tp0 # 64+128=192 -- vpbroadcastq .Land_mask(%rip), $AND_MASK -+ vmovdqu .Land_mask(%rip), $AND_MASK - jmp .LOOP_GRANDE_SQR_1024 - - .align 32 -@@ -1077,10 +1077,10 @@ - vpmuludq 32*6-128($np),$Yi,$TEMP1 - vpaddq $TEMP1,$ACC6,$ACC6 - vpmuludq 32*7-128($np),$Yi,$TEMP2 -- vpblendd \$3, $ZERO, $ACC9, $ACC9 # correct $ACC3 -+ vpblendd \$3, $ZERO, $ACC9, $TEMP1 # correct $ACC3 - vpaddq $TEMP2,$ACC7,$ACC7 - vpmuludq 32*8-128($np),$Yi,$TEMP0 -- vpaddq $ACC9, $ACC3, $ACC3 # correct $ACC3 -+ vpaddq $TEMP1, $ACC3, $ACC3 # correct $ACC3 - vpaddq $TEMP0,$ACC8,$ACC8 - - mov %rbx, %rax -@@ -1093,7 +1093,9 @@ - vmovdqu -8+32*2-128($ap),$TEMP2 - - mov $r1, %rax -+ vpblendd \$0xfc, $ZERO, $ACC9, $ACC9 # correct $ACC3 - imull $n0, %eax -+ vpaddq $ACC9,$ACC4,$ACC4 # correct $ACC3 - and \$0x1fffffff, %eax - - imulq 16-128($ap),%rbx -@@ -1329,15 +1331,12 @@ - # But as we underutilize resources, it's possible to correct in - # each iteration with marginal performance loss. But then, as - # we do it in each iteration, we can correct less digits, and --# avoid performance penalties completely. Also note that we --# correct only three digits out of four. This works because --# most significant digit is subjected to less additions. -+# avoid performance penalties completely. - - $TEMP0 = $ACC9; - $TEMP3 = $Bi; - $TEMP4 = $Yi; - $code.=<<___; -- vpermq \$0, $AND_MASK, $AND_MASK - vpaddq (%rsp), $TEMP1, $ACC0 - - vpsrlq \$29, $ACC0, $TEMP1 -@@ -1770,7 +1769,7 @@ - - .align 64 - .Land_mask: -- .quad 0x1fffffff,0x1fffffff,0x1fffffff,-1 -+ .quad 0x1fffffff,0x1fffffff,0x1fffffff,0x1fffffff - .Lscatter_permd: - .long 0,2,4,6,7,7,7,7 - .Lgather_permd: -- cgit v1.2.3