diff options
author | Marius Bakke <mbakke@fastmail.com> | 2018-06-19 17:02:16 +0200 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2018-06-19 17:02:16 +0200 |
commit | 0106d6b40dc0b8f1c81326e633bfa5134a446a9c (patch) | |
tree | 978cc8408f2d52a024f692a31e98cb555da95462 /gnu/packages | |
parent | 7e66e0b3e7f69e045362f9452f9b745aa850d354 (diff) | |
parent | 793a66e5fef3f562080000280c022af517aad612 (diff) | |
download | guix-0106d6b40dc0b8f1c81326e633bfa5134a446a9c.tar guix-0106d6b40dc0b8f1c81326e633bfa5134a446a9c.tar.gz |
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages')
-rw-r--r-- | gnu/packages/audio.scm | 4 | ||||
-rw-r--r-- | gnu/packages/backup.scm | 4 | ||||
-rw-r--r-- | gnu/packages/databases.scm | 4 | ||||
-rw-r--r-- | gnu/packages/elf.scm | 4 | ||||
-rw-r--r-- | gnu/packages/emacs.scm | 45 | ||||
-rw-r--r-- | gnu/packages/gnu-pw-mgr.scm | 14 | ||||
-rw-r--r-- | gnu/packages/mail.scm | 4 | ||||
-rw-r--r-- | gnu/packages/music.scm | 6 | ||||
-rw-r--r-- | gnu/packages/package-management.scm | 15 | ||||
-rw-r--r-- | gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch | 215 | ||||
-rw-r--r-- | gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch | 50 | ||||
-rw-r--r-- | gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch | 152 | ||||
-rw-r--r-- | gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch | 50 | ||||
-rw-r--r-- | gnu/packages/patches/qemu-CVE-2018-11806.patch | 105 | ||||
-rw-r--r-- | gnu/packages/tls.scm | 14 | ||||
-rw-r--r-- | gnu/packages/virtualization.scm | 1 | ||||
-rw-r--r-- | gnu/packages/w3m.scm | 5 | ||||
-rw-r--r-- | gnu/packages/xorg.scm | 8 |
18 files changed, 658 insertions, 42 deletions
diff --git a/gnu/packages/audio.scm b/gnu/packages/audio.scm index 0664545e4a..ab16707ee5 100644 --- a/gnu/packages/audio.scm +++ b/gnu/packages/audio.scm @@ -1220,7 +1220,7 @@ patches that can be used with softsynths such as Timidity and WildMidi.") (define-public guitarix (package (name "guitarix") - (version "0.36.1") + (version "0.37.1") (source (origin (method url-fetch) (uri (string-append @@ -1228,7 +1228,7 @@ patches that can be used with softsynths such as Timidity and WildMidi.") version ".tar.xz")) (sha256 (base32 - "1g5949jwh2n755xjs3kcbdb8a1wxr5mn0m115wdnk27dxcdn93b0")))) + "064k0jzxqgx9gwf8za6jziansabzrwzjaim3qx1743ify5g3gaai")))) (build-system waf-build-system) (arguments `(#:tests? #f ; no "check" target diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm index 85764b073e..9ef0ee7f09 100644 --- a/gnu/packages/backup.scm +++ b/gnu/packages/backup.scm @@ -826,10 +826,12 @@ is like a time machine for your data. ") (license (license:fsf-free "file://COPYING" "Open Software License 2.0")))) -(define-public restic ; bundled / vendored dependencies +(define-public restic (package (name "restic") (version "0.9.1") + ;; TODO Try packaging the bundled / vendored dependencies in the 'vendor/' + ;; directory. (source (origin (method url-fetch) (uri (string-append diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 5fb501940a..5aebc4ca40 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -1487,14 +1487,14 @@ similar to BerkeleyDB, LevelDB, etc.") (define-public redis (package (name "redis") - (version "4.0.9") + (version "4.0.10") (source (origin (method url-fetch) (uri (string-append "http://download.redis.io/releases/redis-" version".tar.gz")) (sha256 (base32 - "0465bv6yxnwmas3wzg07vmrprv2pxhnr56hn5pxrybwf66y76kyz")))) + "194cydhv3hf4v95ifvjvsqrs4jn3ffrkg5lvxj5d3y04lwsp9dhx")))) (build-system gnu-build-system) (arguments '(#:tests? #f ; tests related to master/slave and replication fail diff --git a/gnu/packages/elf.scm b/gnu/packages/elf.scm index 9b120751d2..97bc7728ec 100644 --- a/gnu/packages/elf.scm +++ b/gnu/packages/elf.scm @@ -34,14 +34,14 @@ (define-public elfutils (package (name "elfutils") - (version "0.170") + (version "0.172") (source (origin (method url-fetch) (uri (string-append "https://sourceware.org/elfutils/ftp/" version "/elfutils-" version ".tar.bz2")) (sha256 (base32 - "0rp0r54z44is49c594qy7hr211nhb00aa5y7z74vsybbaxslg10z")) + "090fmbnvd9jblkwhb2bm3hanim63rrvd5f30mfxq4jac6kk9k73p")) (patches (search-patches "elfutils-tests-ptrace.patch")))) (build-system gnu-build-system) diff --git a/gnu/packages/emacs.scm b/gnu/packages/emacs.scm index 3b2c41c5d8..a0ae045ab7 100644 --- a/gnu/packages/emacs.scm +++ b/gnu/packages/emacs.scm @@ -1430,11 +1430,11 @@ Maps directly inside Emacs.") (license license:gpl3+))) (define-public emacs-graphviz-dot-mode - (let ((commit "fdaabbcc95d9156e3dadc84f81a4750c5b692580") + (let ((commit "c456a2b65c734089e6c44e87209a5a432a741b1a") (revision "1")) (package (name "emacs-graphviz-dot-mode") - (version (string-append "0.3.10-" revision "." + (version (string-append "0.3.11-" revision "." (string-take commit 7))) (source (origin (method git-fetch) @@ -1444,7 +1444,7 @@ Maps directly inside Emacs.") (file-name (string-append name "-" version "-checkout")) (sha256 (base32 - "1s1qh5r0xp6hs0rl5yz5mkmjhpg04bh449c7vgjbb1pjsl1dl714")))) + "0j1r2rspaakw37b0mx7pwpvdsvixq9sw3xjbww5piihzpdxz58z1")))) (build-system emacs-build-system) (arguments `(#:phases @@ -2662,7 +2662,7 @@ build jobs.") (define-public emacs-company (package (name "emacs-company") - (version "0.9.3") + (version "0.9.6") (source (origin (method url-fetch) @@ -2671,7 +2671,7 @@ build jobs.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1fyrpchpdmvszssy1qmsw41aqpv6q5rybvs1bw00nv9xdhiaq4vh")))) + "0a7zvmfvxh9w67myvcj2511ayk0fvkm06cdg38y8khnsx63jrr4k")))) (build-system emacs-build-system) (arguments `(#:phases @@ -7237,7 +7237,7 @@ messaging service.") (define-public emacs-bash-completion (package (name "emacs-bash-completion") - (version "2.0.0") + (version "2.1.0") (source (origin (method url-fetch) @@ -7247,7 +7247,7 @@ messaging service.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "0mkci4a1fy8z4cmry8mx5vsx4f16a8r454slnh7lqzidnhfi63hj")))) + "1z0qck3v3ra6ivacn8n04w1v33a4xn01xx860761q31qzsv3sksq")))) (inputs `(("bash" ,bash))) (build-system emacs-build-system) (arguments @@ -10893,20 +10893,20 @@ try completing. See @code{fish-completion-fallback-on-bash-p}.") (license license:gpl3+)))) (define-public emacs-gif-screencast - (let ((commit "825e606950ec842304bf75cf85baef707b853b03")) + (let ((commit "12b25442b97b84abae74ecb5190a9d14ff7cfe5a")) (package (name "emacs-gif-screencast") - (version (git-version "20180309" "1" commit)) + (version (git-version "20180616" "1" commit)) (source (origin (method url-fetch) (uri (string-append - "https://github.com/Ambrevar/emacs-gif-screencast/archive/" - commit - ".tar.gz")) + "https://gitlab.com/Ambrevar/emacs-gif-screencast/" + "repository/archive.tar.gz?ref=" + commit)) (sha256 (base32 - "1f83sdx4qj4g6byvbdq7aayissbcy5lqm43djp8h0lq455nf7jkc")))) + "0lc457i78xjkn5idr2aaiadkh76zcsksj84z0qh80a9y775syrgh")))) (build-system emacs-build-system) (inputs `(("scrot" ,scrot) @@ -10933,7 +10933,7 @@ try completing. See @code{fish-completion-fallback-on-bash-p}.") ("gif-screencast-optimize-program" (string-append imagemagick "/bin/gifsicle"))))))))) (home-page - "https://github.com/Ambrevar/emacs-gif-screencast") + "https://gitlab.com/Ambrevar/emacs-gif-screencast") (synopsis "One-frame-per-action GIF recording") (description "Call @code{gif-screencast} to start a recording. @@ -11217,7 +11217,22 @@ provided by other Emacs packages dealing with pass: (base32 "0v66wk9nh0raih4jhrzmmyi5lbysjnmbv791vm2230ffi2hmwxnd")))) (build-system emacs-build-system) - (propagated-inputs `(("imagemagick" ,imagemagick))) + (inputs `(("imagemagick" ,imagemagick))) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'configure + (lambda* (#:key inputs outputs #:allow-other-keys) + (let ((imagemagick (assoc-ref inputs "imagemagick"))) + ;; Specify the absolute file names of the various + ;; programs so that everything works out-of-the-box. + (chmod "image+.el" #o666) + (emacs-substitute-variables + "image+.el" + ("imagex-convert-command" + (string-append imagemagick "/bin/convert")) + ("imagex-identify-command" + (string-append imagemagick "/bin/identify"))))))))) (home-page "https://github.com/mhayashi1120/Emacs-imagex") (synopsis "Image manipulation extensions for Emacs") (description diff --git a/gnu/packages/gnu-pw-mgr.scm b/gnu/packages/gnu-pw-mgr.scm index 906e7d3cf8..6bb5fea84b 100644 --- a/gnu/packages/gnu-pw-mgr.scm +++ b/gnu/packages/gnu-pw-mgr.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013 Eric Bavier <bavier@member.fsf.org> ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org> -;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> +;;; Copyright © 2016, 2018 Efraim Flashner <efraim@flashner.co.il> ;;; ;;; This file is part of GNU Guix. ;;; @@ -30,7 +30,7 @@ (define-public gnu-pw-mgr (package (name "gnu-pw-mgr") - (version "2.0") + (version "2.3.1") (source (origin (method url-fetch) @@ -38,8 +38,16 @@ version ".tar.xz")) (sha256 (base32 - "19qvg37snfa8s06q5crx25m1r1n4l0wvfpkbdxz17q7whp0plrl6")))) + "05vv6n5sqdswhzm21cqn8m2p6avblxl3cv7b39nqx8yxf58gi2xv")))) (build-system gnu-build-system) + (arguments + '(#:phases + (modify-phases %standard-phases + (add-after 'patch-source-shebangs 'patch-more-shebangs + (lambda _ + (substitute* "tests/dom.test" + (("/usr/bin/printf") (which "printf"))) + #t))))) (native-inputs `(("which" ,which) ("autogen" ,autogen))) diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index 77e81acff4..57d589721a 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -763,14 +763,14 @@ invoking @command{notifymuch} from the post-new hook.") (define-public notmuch (package (name "notmuch") - (version "0.26.2") + (version "0.27") (source (origin (method url-fetch) (uri (string-append "https://notmuchmail.org/releases/notmuch-" version ".tar.gz")) (sha256 (base32 - "0fqf6wwvqlccq9qdnd0mky7fx0kbkczd28blf045s0vsvdjii70h")))) + "0xh8vq2sa7r07xb3n13drc6gdiqhcgl0pj0za5xj43qkiwpikls0")))) (build-system gnu-build-system) (arguments `(#:modules ((guix build gnu-build-system) diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm index f06885d69e..daefbc57fa 100644 --- a/gnu/packages/music.scm +++ b/gnu/packages/music.scm @@ -2683,7 +2683,7 @@ for improved Amiga ProTracker 2/3 compatibility.") (define-public schismtracker (package (name "schismtracker") - (version "20170910") + (version "20180513") (source (origin (method url-fetch) (uri (string-append @@ -2692,7 +2692,7 @@ for improved Amiga ProTracker 2/3 compatibility.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "01gfcjngbpv87y9w5jln8k313hycpkb1d617hdy2cdw2hxqzlclz")) + "1yjfd02arb51n0vyv11qgpn6imh7hcqnc3953cbvgwb4cnrswk9f")) (modules '((guix build utils))) (snippet ;; Remove use of __DATE__ and __TIME__ for reproducibility. @@ -2706,7 +2706,7 @@ for improved Amiga ProTracker 2/3 compatibility.") `(#:phases (modify-phases %standard-phases (add-after 'unpack 'autoconf - (lambda _ (zero? (system* "autoreconf" "-vfi")))) + (lambda _ (invoke "autoreconf" "-vfi"))) (add-before 'configure 'link-libm (lambda _ (setenv "LIBS" "-lm") #t))))) (native-inputs diff --git a/gnu/packages/package-management.scm b/gnu/packages/package-management.scm index a9485a7e7a..6a55f62ee6 100644 --- a/gnu/packages/package-management.scm +++ b/gnu/packages/package-management.scm @@ -100,8 +100,8 @@ ;; Note: the 'update-guix-package.scm' script expects this definition to ;; start precisely like this. (let ((version "0.14.0") - (commit "77a1aac6cccc79d7c8085762f610e22e6ebfb43b") - (revision 12)) + (commit "7af5c2a248b6c229187fc850517c84b0917c452b") + (revision 13)) (package (name "guix") @@ -117,7 +117,7 @@ (commit commit))) (sha256 (base32 - "0f0agvw3fizy0aaf51vc2d1rbsvxhg6vnzgjb1n1hbyym79f17j6")) + "06kjimcln4ydirgl05qy98kxjyx3l6brxnq1ly7wb85f73s97gix")) (file-name (string-append "guix-" version "-checkout")))) (build-system gnu-build-system) (arguments @@ -310,11 +310,18 @@ the Nix package manager.") (inputs `(("gnutls" ,gnutls) ("guile-git" ,guile-git) - ,@(package-inputs guix))) + ,@(fold alist-delete (package-inputs guix) + '("boot-guile" "boot-guile/i686" "util-linux")))) + (propagated-inputs '()) (arguments (substitute-keyword-arguments (package-arguments guix) + ((#:configure-flags flags '()) + ;; Pretend we have those libraries; we don't actually need them. + `(append ,flags + '("guix_cv_have_recent_guile_sqlite3=yes" + "guix_cv_have_recent_guile_ssh=yes"))) ((#:tests? #f #f) #f) ((#:phases phases '%standard-phases) diff --git a/gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch b/gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch new file mode 100644 index 0000000000..2d54ed03b9 --- /dev/null +++ b/gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch @@ -0,0 +1,215 @@ +Fix CVE-2018-0495: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495 +https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/ + +Patch copied from upstream source repository: + +https://github.com/openssl/openssl/commit/949ff36623eafc3523a9f91784992965018ffb05 + +From 949ff36623eafc3523a9f91784992965018ffb05 Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Fri, 25 May 2018 12:10:13 +0100 +Subject: [PATCH] Add blinding to an ECDSA signature + +Keegan Ryan (NCC Group) has demonstrated a side channel attack on an +ECDSA signature operation. During signing the signer calculates: + +s:= k^-1 * (m + r * priv_key) mod order + +The addition operation above provides a sufficient signal for a +flush+reload attack to derive the private key given sufficient signature +operations. + +As a mitigation (based on a suggestion from Keegan) we add blinding to +the operation so that: + +s := k^-1 * blind^-1 (blind * m + blind * r * priv_key) mod order + +Since this attack is a localhost side channel only no CVE is assigned. + +Reviewed-by: Rich Salz <rsalz@openssl.org> +--- + CHANGES | 4 ++ + crypto/ecdsa/ecdsatest.c | 9 ++++- + crypto/ecdsa/ecs_ossl.c | 82 ++++++++++++++++++++++++++++++++-------- + 3 files changed, 79 insertions(+), 16 deletions(-) + +diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c +index 0f301f86d9..a130fc9117 100644 +--- a/crypto/ecdsa/ecdsatest.c ++++ b/crypto/ecdsa/ecdsatest.c +@@ -137,7 +137,7 @@ int restore_rand(void) + return 1; + } + +-static int fbytes_counter = 0; ++static int fbytes_counter = 0, use_fake = 0; + static const char *numbers[8] = { + "651056770906015076056810763456358567190100156695615665659", + "6140507067065001063065065565667405560006161556565665656654", +@@ -158,6 +158,11 @@ int fbytes(unsigned char *buf, int num) + int ret; + BIGNUM *tmp = NULL; + ++ if (use_fake == 0) ++ return old_rand->bytes(buf, num); ++ ++ use_fake = 0; ++ + if (fbytes_counter >= 8) + return 0; + tmp = BN_new(); +@@ -199,11 +204,13 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) + /* create the key */ + if ((key = EC_KEY_new_by_curve_name(nid)) == NULL) + goto x962_int_err; ++ use_fake = 1; + if (!EC_KEY_generate_key(key)) + goto x962_int_err; + BIO_printf(out, "."); + (void)BIO_flush(out); + /* create the signature */ ++ use_fake = 1; + signature = ECDSA_do_sign(digest, 20, key); + if (signature == NULL) + goto x962_int_err; +diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c +index 16d4f59b9b..1d37551803 100644 +--- a/crypto/ecdsa/ecs_ossl.c ++++ b/crypto/ecdsa/ecs_ossl.c +@@ -252,6 +252,7 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, + { + int ok = 0, i; + BIGNUM *kinv = NULL, *s, *m = NULL, *tmp = NULL, *order = NULL; ++ BIGNUM *blind = NULL, *blindm = NULL; + const BIGNUM *ckinv; + BN_CTX *ctx = NULL; + const EC_GROUP *group; +@@ -269,14 +270,25 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, + } + + ret = ECDSA_SIG_new(); +- if (!ret) { ++ if (ret == NULL) { + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + return NULL; + } + s = ret->s; + +- if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL || +- (tmp = BN_new()) == NULL || (m = BN_new()) == NULL) { ++ ctx = BN_CTX_new(); ++ if (ctx == NULL) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ BN_CTX_start(ctx); ++ order = BN_CTX_get(ctx); ++ tmp = BN_CTX_get(ctx); ++ m = BN_CTX_get(ctx); ++ blind = BN_CTX_get(ctx); ++ blindm = BN_CTX_get(ctx); ++ if (blindm == NULL) { + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } +@@ -315,26 +327,70 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, + } + } + +- if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) { ++ /* ++ * The normal signature calculation is: ++ * ++ * s := k^-1 * (m + r * priv_key) mod order ++ * ++ * We will blind this to protect against side channel attacks ++ * ++ * s := k^-1 * blind^-1 * (blind * m + blind * r * priv_key) mod order ++ */ ++ ++ /* Generate a blinding value */ ++ do { ++ if (!BN_rand(blind, BN_num_bits(order) - 1, -1, 0)) ++ goto err; ++ } while (BN_is_zero(blind)); ++ BN_set_flags(blind, BN_FLG_CONSTTIME); ++ BN_set_flags(blindm, BN_FLG_CONSTTIME); ++ BN_set_flags(tmp, BN_FLG_CONSTTIME); ++ ++ /* tmp := blind * priv_key * r mod order */ ++ if (!BN_mod_mul(tmp, blind, priv_key, order, ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ if (!BN_mod_mul(tmp, tmp, ret->r, order, ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* blindm := blind * m mod order */ ++ if (!BN_mod_mul(blindm, blind, m, order, ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* s : = (blind * priv_key * r) + (blind * m) mod order */ ++ if (!BN_mod_add_quick(s, tmp, blindm, order)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* s:= s * blind^-1 mod order */ ++ if (BN_mod_inverse(blind, blind, order, ctx) == NULL) { + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); + goto err; + } +- if (!BN_mod_add_quick(s, tmp, m, order)) { ++ if (!BN_mod_mul(s, s, blind, order, ctx)) { + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); + goto err; + } ++ ++ /* s := s * k^-1 mod order */ + if (!BN_mod_mul(s, s, ckinv, order, ctx)) { + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); + goto err; + } ++ + if (BN_is_zero(s)) { + /* + * if kinv and r have been supplied by the caller don't to + * generate new kinv and r values + */ + if (in_kinv != NULL && in_r != NULL) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, +- ECDSA_R_NEED_NEW_SETUP_VALUES); ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_NEED_NEW_SETUP_VALUES); + goto err; + } + } else +@@ -349,15 +405,11 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, + ECDSA_SIG_free(ret); + ret = NULL; + } +- if (ctx) ++ if (ctx != NULL) { ++ BN_CTX_end(ctx); + BN_CTX_free(ctx); +- if (m) +- BN_clear_free(m); +- if (tmp) +- BN_clear_free(tmp); +- if (order) +- BN_free(order); +- if (kinv) ++ } ++ if (kinv != NULL) + BN_clear_free(kinv); + return ret; + } +-- +2.17.1 + diff --git a/gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch b/gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch new file mode 100644 index 0000000000..50b95306a5 --- /dev/null +++ b/gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch @@ -0,0 +1,50 @@ +Fix CVE-2018-0732: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732 + +Patch copied from upstream source repository: + +https://github.com/openssl/openssl/commit/3984ef0b72831da8b3ece4745cac4f8575b19098 + +From 3984ef0b72831da8b3ece4745cac4f8575b19098 Mon Sep 17 00:00:00 2001 +From: Guido Vranken <guidovranken@gmail.com> +Date: Mon, 11 Jun 2018 19:38:54 +0200 +Subject: [PATCH] Reject excessively large primes in DH key generation. + +CVE-2018-0732 + +Signed-off-by: Guido Vranken <guidovranken@gmail.com> + +(cherry picked from commit 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe) + +Reviewed-by: Tim Hudson <tjh@openssl.org> +Reviewed-by: Matt Caswell <matt@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/6457) +--- + crypto/dh/dh_key.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c +index 387558f146..f235e0d682 100644 +--- a/crypto/dh/dh_key.c ++++ b/crypto/dh/dh_key.c +@@ -130,10 +130,15 @@ static int generate_key(DH *dh) + int ok = 0; + int generate_new_key = 0; + unsigned l; +- BN_CTX *ctx; ++ BN_CTX *ctx = NULL; + BN_MONT_CTX *mont = NULL; + BIGNUM *pub_key = NULL, *priv_key = NULL; + ++ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { ++ DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE); ++ return 0; ++ } ++ + ctx = BN_CTX_new(); + if (ctx == NULL) + goto err; +-- +2.17.1 + diff --git a/gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch b/gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch new file mode 100644 index 0000000000..15dedbcbd0 --- /dev/null +++ b/gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch @@ -0,0 +1,152 @@ +Fix CVE-2018-0495: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495 +https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/ + +Patch copied from upstream source repository: + +https://github.com/openssl/openssl/commit/0c27d793745c7837b13646302b6890a556b7017a + +From 0c27d793745c7837b13646302b6890a556b7017a Mon Sep 17 00:00:00 2001 +From: Matt Caswell <matt@openssl.org> +Date: Fri, 25 May 2018 12:10:13 +0100 +Subject: [PATCH] Add blinding to an ECDSA signature + +Keegan Ryan (NCC Group) has demonstrated a side channel attack on an +ECDSA signature operation. During signing the signer calculates: + +s:= k^-1 * (m + r * priv_key) mod order + +The addition operation above provides a sufficient signal for a +flush+reload attack to derive the private key given sufficient signature +operations. + +As a mitigation (based on a suggestion from Keegan) we add blinding to +the operation so that: + +s := k^-1 * blind^-1 (blind * m + blind * r * priv_key) mod order + +Since this attack is a localhost side channel only no CVE is assigned. + +Reviewed-by: Rich Salz <rsalz@openssl.org> +--- + CHANGES | 4 +++ + crypto/ec/ecdsa_ossl.c | 70 +++++++++++++++++++++++++++++++++++++----- + 2 files changed, 67 insertions(+), 7 deletions(-) + +diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c +index 72e2f0f28b..449be0e92a 100644 +--- a/crypto/ec/ecdsa_ossl.c ++++ b/crypto/ec/ecdsa_ossl.c +@@ -210,7 +210,8 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, + EC_KEY *eckey) + { + int ok = 0, i; +- BIGNUM *kinv = NULL, *s, *m = NULL, *tmp = NULL; ++ BIGNUM *kinv = NULL, *s, *m = NULL, *tmp = NULL, *blind = NULL; ++ BIGNUM *blindm = NULL; + const BIGNUM *order, *ckinv; + BN_CTX *ctx = NULL; + const EC_GROUP *group; +@@ -243,8 +244,18 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, + } + s = ret->s; + +- if ((ctx = BN_CTX_new()) == NULL || +- (tmp = BN_new()) == NULL || (m = BN_new()) == NULL) { ++ ctx = BN_CTX_secure_new(); ++ if (ctx == NULL) { ++ ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ BN_CTX_start(ctx); ++ tmp = BN_CTX_get(ctx); ++ m = BN_CTX_get(ctx); ++ blind = BN_CTX_get(ctx); ++ blindm = BN_CTX_get(ctx); ++ if (blindm == NULL) { + ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE); + goto err; + } +@@ -284,18 +295,64 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, + } + } + +- if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) { ++ /* ++ * The normal signature calculation is: ++ * ++ * s := k^-1 * (m + r * priv_key) mod order ++ * ++ * We will blind this to protect against side channel attacks ++ * ++ * s := k^-1 * blind^-1 * (blind * m + blind * r * priv_key) mod order ++ */ ++ ++ /* Generate a blinding value */ ++ do { ++ if (!BN_rand(blind, BN_num_bits(order) - 1, BN_RAND_TOP_ANY, ++ BN_RAND_BOTTOM_ANY)) ++ goto err; ++ } while (BN_is_zero(blind)); ++ BN_set_flags(blind, BN_FLG_CONSTTIME); ++ BN_set_flags(blindm, BN_FLG_CONSTTIME); ++ BN_set_flags(tmp, BN_FLG_CONSTTIME); ++ ++ /* tmp := blind * priv_key * r mod order */ ++ if (!BN_mod_mul(tmp, blind, priv_key, order, ctx)) { + ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); + goto err; + } +- if (!BN_mod_add_quick(s, tmp, m, order)) { ++ if (!BN_mod_mul(tmp, tmp, ret->r, order, ctx)) { + ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); + goto err; + } ++ ++ /* blindm := blind * m mod order */ ++ if (!BN_mod_mul(blindm, blind, m, order, ctx)) { ++ ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* s : = (blind * priv_key * r) + (blind * m) mod order */ ++ if (!BN_mod_add_quick(s, tmp, blindm, order)) { ++ ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* s:= s * blind^-1 mod order */ ++ if (BN_mod_inverse(blind, blind, order, ctx) == NULL) { ++ ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); ++ goto err; ++ } ++ if (!BN_mod_mul(s, s, blind, order, ctx)) { ++ ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* s := s * k^-1 mod order */ + if (!BN_mod_mul(s, s, ckinv, order, ctx)) { + ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB); + goto err; + } ++ + if (BN_is_zero(s)) { + /* + * if kinv and r have been supplied by the caller don't to +@@ -317,9 +374,8 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, + ECDSA_SIG_free(ret); + ret = NULL; + } ++ BN_CTX_end(ctx); + BN_CTX_free(ctx); +- BN_clear_free(m); +- BN_clear_free(tmp); + BN_clear_free(kinv); + return ret; + } +-- +2.17.1 + diff --git a/gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch b/gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch new file mode 100644 index 0000000000..dfea6e7d06 --- /dev/null +++ b/gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch @@ -0,0 +1,50 @@ +Fix CVE-2018-0732: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732 + +Patch copied from upstream source repository: + +https://github.com/openssl/openssl/commit/ea7abeeabf92b7aca160bdd0208636d4da69f4f4 + +From ea7abeeabf92b7aca160bdd0208636d4da69f4f4 Mon Sep 17 00:00:00 2001 +From: Guido Vranken <guidovranken@gmail.com> +Date: Mon, 11 Jun 2018 19:38:54 +0200 +Subject: [PATCH] Reject excessively large primes in DH key generation. + +CVE-2018-0732 + +Signed-off-by: Guido Vranken <guidovranken@gmail.com> + +(cherry picked from commit 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe) + +Reviewed-by: Tim Hudson <tjh@openssl.org> +Reviewed-by: Matt Caswell <matt@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/6457) +--- + crypto/dh/dh_key.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c +index fce9ff47f3..58003d7087 100644 +--- a/crypto/dh/dh_key.c ++++ b/crypto/dh/dh_key.c +@@ -78,10 +78,15 @@ static int generate_key(DH *dh) + int ok = 0; + int generate_new_key = 0; + unsigned l; +- BN_CTX *ctx; ++ BN_CTX *ctx = NULL; + BN_MONT_CTX *mont = NULL; + BIGNUM *pub_key = NULL, *priv_key = NULL; + ++ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { ++ DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE); ++ return 0; ++ } ++ + ctx = BN_CTX_new(); + if (ctx == NULL) + goto err; +-- +2.17.1 + diff --git a/gnu/packages/patches/qemu-CVE-2018-11806.patch b/gnu/packages/patches/qemu-CVE-2018-11806.patch new file mode 100644 index 0000000000..f021dfa747 --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2018-11806.patch @@ -0,0 +1,105 @@ +Fix CVE-2018-11806: + +https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11806 + +Patch copied from upstream source repository: + +https://git.qemu.org/?p=qemu.git;a=commitdiff;h=864036e251f54c99d31df124aad7f34f01f5344c + +From 864036e251f54c99d31df124aad7f34f01f5344c Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit <pjp@fedoraproject.org> +Date: Tue, 5 Jun 2018 23:38:35 +0530 +Subject: [PATCH] slirp: correct size computation while concatenating mbuf + +While reassembling incoming fragmented datagrams, 'm_cat' routine +extends the 'mbuf' buffer, if it has insufficient room. It computes +a wrong buffer size, which leads to overwriting adjacent heap buffer +area. Correct this size computation in m_cat. + +Reported-by: ZDI Disclosures <zdi-disclosures@trendmicro.com> +Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> +Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> +--- + slirp/mbuf.c | 11 +++++------ + slirp/mbuf.h | 8 +++----- + 2 files changed, 8 insertions(+), 11 deletions(-) + +diff --git a/slirp/mbuf.c b/slirp/mbuf.c +index 5ff24559fd..18cbf759a7 100644 +--- a/slirp/mbuf.c ++++ b/slirp/mbuf.c +@@ -138,7 +138,7 @@ m_cat(struct mbuf *m, struct mbuf *n) + * If there's no room, realloc + */ + if (M_FREEROOM(m) < n->m_len) +- m_inc(m,m->m_size+MINCSIZE); ++ m_inc(m, m->m_len + n->m_len); + + memcpy(m->m_data+m->m_len, n->m_data, n->m_len); + m->m_len += n->m_len; +@@ -147,7 +147,7 @@ m_cat(struct mbuf *m, struct mbuf *n) + } + + +-/* make m size bytes large */ ++/* make m 'size' bytes large from m_data */ + void + m_inc(struct mbuf *m, int size) + { +@@ -158,12 +158,12 @@ m_inc(struct mbuf *m, int size) + + if (m->m_flags & M_EXT) { + datasize = m->m_data - m->m_ext; +- m->m_ext = g_realloc(m->m_ext, size); ++ m->m_ext = g_realloc(m->m_ext, size + datasize); + m->m_data = m->m_ext + datasize; + } else { + char *dat; + datasize = m->m_data - m->m_dat; +- dat = g_malloc(size); ++ dat = g_malloc(size + datasize); + memcpy(dat, m->m_dat, m->m_size); + + m->m_ext = dat; +@@ -171,8 +171,7 @@ m_inc(struct mbuf *m, int size) + m->m_flags |= M_EXT; + } + +- m->m_size = size; +- ++ m->m_size = size + datasize; + } + + +diff --git a/slirp/mbuf.h b/slirp/mbuf.h +index 893601ff9d..33b84485d6 100644 +--- a/slirp/mbuf.h ++++ b/slirp/mbuf.h +@@ -33,8 +33,6 @@ + #ifndef MBUF_H + #define MBUF_H + +-#define MINCSIZE 4096 /* Amount to increase mbuf if too small */ +- + /* + * Macros for type conversion + * mtod(m,t) - convert mbuf pointer to data pointer of correct type +@@ -72,11 +70,11 @@ struct mbuf { + struct mbuf *m_prevpkt; /* Flags aren't used in the output queue */ + int m_flags; /* Misc flags */ + +- int m_size; /* Size of data */ ++ int m_size; /* Size of mbuf, from m_dat or m_ext */ + struct socket *m_so; + +- caddr_t m_data; /* Location of data */ +- int m_len; /* Amount of data in this mbuf */ ++ caddr_t m_data; /* Current location of data */ ++ int m_len; /* Amount of data in this mbuf, from m_data */ + + Slirp *slirp; + bool resolution_requested; +-- +2.17.1 + diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 35134025b8..c14feb2983 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -260,6 +260,7 @@ required structures.") (define-public openssl (package (name "openssl") + (replacement openssl/fixed) (version "1.0.2o") (source (origin (method url-fetch) @@ -396,6 +397,15 @@ required structures.") (license license:openssl) (home-page "https://www.openssl.org/"))) +(define openssl/fixed + (package + (inherit openssl) + (source (origin + (inherit (package-source openssl)) + (patches (append (origin-patches (package-source openssl)) + (search-patches "openssl-1.0.2-CVE-2018-0495.patch" + "openssl-1.0.2-CVE-2018-0732.patch"))))))) + (define-public openssl-next (package (inherit openssl) @@ -410,7 +420,9 @@ required structures.") (string-append "ftp://ftp.openssl.org/source/old/" (string-trim-right version char-set:letter) "/" name "-" version ".tar.gz"))) - (patches (search-patches "openssl-1.1.0-c-rehash-in.patch")) + (patches (search-patches "openssl-1.1.0-c-rehash-in.patch" + "openssl-1.1.0-CVE-2018-0495.patch" + "openssl-1.1.0-CVE-2018-0732.patch")) (sha256 (base32 "05x509lccqjscgyi935z809pwfm708islypwhmjnb6cyvrn64daq")))) diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 61f0245289..b82dcb4c80 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -98,6 +98,7 @@ (method url-fetch) (uri (string-append "https://download.qemu.org/qemu-" version ".tar.xz")) + (patches (search-patches "qemu-CVE-2018-11806.patch")) (sha256 (base32 "1z66spkm1prvhbq7h5mfnp0i6mmamsb938fqmdfvyrgzc7rh34z6")))) diff --git a/gnu/packages/w3m.scm b/gnu/packages/w3m.scm index 4e3264a47e..a8761ec602 100644 --- a/gnu/packages/w3m.scm +++ b/gnu/packages/w3m.scm @@ -42,10 +42,9 @@ (version "0.5.3+git20180125") (source (origin (method git-fetch) - ;; Debian's fork of w3m is the only one that is still - ;; maintained. + ;; Debian's fork of w3m is the only one that is still maintained. (uri (git-reference - (url "https://anonscm.debian.org/cgit/collab-maint/w3m.git") + (url "https://salsa.debian.org/debian/w3m.git") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm index db801fd268..a647b7e582 100644 --- a/gnu/packages/xorg.scm +++ b/gnu/packages/xorg.scm @@ -2530,7 +2530,7 @@ It is used to cotrol the pointer with a joystick device.") (define-public xf86-input-mouse (package (name "xf86-input-mouse") - (version "1.9.2") + (version "1.9.3") (source (origin (method url-fetch) @@ -2540,7 +2540,7 @@ It is used to cotrol the pointer with a joystick device.") ".tar.bz2")) (sha256 (base32 - "0bsbgww9421792zan43j60mndqprhfxhc48agsi15d3abjqda9gl")))) + "1iawr1wyl2qch1mqszcs0s84i92mh4xxprflnycbw1adc18b7v4k")))) (build-system gnu-build-system) (inputs `(("xorg-server" ,xorg-server))) (native-inputs `(("pkg-config" ,pkg-config))) @@ -5636,7 +5636,7 @@ user-friendly mechanism to start the X server.") (define-public libxaw3d (package (name "libxaw3d") - (version "1.6.2") + (version "1.6.3") (source (origin (method url-fetch) @@ -5646,7 +5646,7 @@ user-friendly mechanism to start the X server.") ".tar.bz2")) (sha256 (base32 - "0awplv1nf53ywv01yxphga3v6dcniwqnxgnb0cn4khb121l12kxp")))) + "0i653s8g25cc0mimkwid9366bqkbyhdyjhckx7bw77j20hzrkfid")))) (build-system gnu-build-system) (propagated-inputs `(("libxext" ,libxext) |