Permalink
Browse files

619216-gnutls-CN-validation.patch: fix the validation of the commonna…

…me in the gnutls code (Closes: 619216)
  • Loading branch information...
1 parent 2df9cdc commit fc8719a8feeb301555937b80f1facf62a91568e1 @aradici aradici committed May 5, 2011
Showing with 39 additions and 0 deletions.
  1. +2 −0 debian/changelog
  2. +1 −0 debian/patches/series
  3. +36 −0 debian/patches/upstream/619216-gnutls-CN-validation.patch
View
@@ -25,6 +25,8 @@ mutt (1.5.21-5) unstable; urgency=low
+ 584138-mx_update_context-segfault.patch: fix a segfault due to holes in
IMAP headers, 537694-segv-imap-headers.patch is removed as part of this fix
(Closes: 584138)
+ + 619216-gnutls-CN-validation.patch: fix the validation of the
+ commonname in the gnutls code (Closes: 619216)
* debian/patches/compressed-folders: remove partially uncompressed folder if
the open fails (Closes: 578098)
* debian/extra/samples/sidebar.muttrc: documented the options that
View
@@ -50,6 +50,7 @@ upstream/611412-bts-regexp.patch
upstream/624058-gnutls-deprecated-set-priority.patch
upstream/624085-gnutls-deprecated-verify-peers.patch
upstream/584138-mx_update_context-segfault.patch
+upstream/619216-gnutls-CN-validation.patch
upstream/path_max
mutt.org
@@ -0,0 +1,36 @@
+This patch addresses a security problem due to the fact that the validation of
+the SSL CN is not correctly done in the gnutls-related code of mutt.
+
+The patch has been provided by hhorak on http://bugs.mutt.org/3506, the original
+bug where the security problem was reported for Debian is
+http://bugs.debian.org/619216
+
+--- a/mutt_ssl_gnutls.c
++++ b/mutt_ssl_gnutls.c
+@@ -999,6 +999,7 @@
+ unsigned int cert_list_size = 0;
+ gnutls_certificate_status certstat;
+ int certerr, i, preauthrc, savedcert, rc = 0;
++ int rcpeer;
+
+ if (gnutls_auth_get_type (state) != GNUTLS_CRD_CERTIFICATE)
+ {
+@@ -1024,6 +1025,9 @@
+ for (i = 0; i < cert_list_size; i++) {
+ rc = tls_check_preauth(&cert_list[i], certstat, conn->account.host, i,
+ &certerr, &savedcert);
++ if (i ==0)
++ rcpeeer = rc;
++
+ preauthrc += rc;
+
+ if (savedcert)
+@@ -1049,7 +1053,7 @@
+ dprint (1, (debugfile, "error trusting certificate %d: %d\n", i, rc));
+
+ certstat = tls_verify_peers (state);
+- if (!certstat)
++ if (!certstat && !rcpeer)
+ return 1;
+ }
+ }

0 comments on commit fc8719a

Please sign in to comment.