From afc5dbeaabcf93720bcb5e2c447cf451e1236107 Mon Sep 17 00:00:00 2001 From: bket Date: Wed, 15 Apr 2020 13:04:41 +0000 Subject: [PATCH] Update to mbedtls-2.16.6 Fix side channel in ECC code that allowed an adversary with access to precise enough timing and memory access information to fully recover an ECDSA private key (CVE-2020-10932). --- security/polarssl/Makefile | 4 ++-- security/polarssl/distinfo | 4 ++-- .../patches/patch-tests_suites_host_test_function | 8 ++++---- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/security/polarssl/Makefile b/security/polarssl/Makefile index c76a52dcb57..d883afa70fb 100644 --- a/security/polarssl/Makefile +++ b/security/polarssl/Makefile @@ -1,10 +1,10 @@ -# $OpenBSD: Makefile,v 1.33 2020/02/22 06:38:12 bket Exp $ +# $OpenBSD: Makefile,v 1.34 2020/04/15 13:04:41 bket Exp $ PORTROACH= limit:^2\.16 COMMENT= SSL library with an intuitive API and readable source code -DISTNAME= mbedtls-2.16.5 +DISTNAME= mbedtls-2.16.6 EXTRACT_SUFX= -gpl.tgz # check SOVERSION diff --git a/security/polarssl/distinfo b/security/polarssl/distinfo index 24daf848989..44df8d00d6f 100644 --- a/security/polarssl/distinfo +++ b/security/polarssl/distinfo @@ -1,2 +1,2 @@ -SHA256 (mbedtls-2.16.5-gpl.tgz) = br3qZWXHFPExW5r2qAKvtLTomXb31dKxWqgCjrUufQk= -SIZE (mbedtls-2.16.5-gpl.tgz) = 2702325 +SHA256 (mbedtls-2.16.6-gpl.tgz) = gKSE30LzLb6VZlzUsYzg3RS2xn39Vh020UdYAuQes+0= +SIZE (mbedtls-2.16.6-gpl.tgz) = 2706375 diff --git a/security/polarssl/patches/patch-tests_suites_host_test_function b/security/polarssl/patches/patch-tests_suites_host_test_function index d73eafe1687..3bae389dd74 100644 --- a/security/polarssl/patches/patch-tests_suites_host_test_function +++ b/security/polarssl/patches/patch-tests_suites_host_test_function @@ -1,4 +1,4 @@ -$OpenBSD: patch-tests_suites_host_test_function,v 1.3 2019/10/18 04:56:37 bket Exp $ +$OpenBSD: patch-tests_suites_host_test_function,v 1.4 2020/04/15 13:04:41 bket Exp $ Can't take the address of stdout. @@ -15,7 +15,7 @@ Index: tests/suites/host_test.function #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC) -@@ -549,20 +546,6 @@ int execute_tests( int argc , const char ** argv ) +@@ -537,20 +534,6 @@ int execute_tests( int argc , const char ** argv ) test_info.result = TEST_RESULT_SUCCESS; test_info.paramfail_test_state = PARAMFAIL_TESTSTATE_IDLE; @@ -36,7 +36,7 @@ Index: tests/suites/host_test.function function_id = strtol( params[0], NULL, 10 ); if ( (ret = check_test( function_id )) == DISPATCH_TEST_SUCCESS ) -@@ -574,13 +557,6 @@ int execute_tests( int argc , const char ** argv ) +@@ -562,13 +545,6 @@ int execute_tests( int argc , const char ** argv ) } } @@ -50,7 +50,7 @@ Index: tests/suites/host_test.function } -@@ -669,10 +645,6 @@ int execute_tests( int argc , const char ** argv ) +@@ -652,10 +628,6 @@ int execute_tests( int argc , const char ** argv ) mbedtls_memory_buffer_alloc_free(); #endif