diff options
| author | Pascal Wittmann <mail@pascal-wittmann.de> | 2015-06-08 13:55:20 +0200 |
|---|---|---|
| committer | Pascal Wittmann <mail@pascal-wittmann.de> | 2015-06-08 13:56:42 +0200 |
| commit | c46889ea4227418fb31a0562626ffcab20d90890 (patch) | |
| tree | 35a7ac6b1e9cc2667e7c5da78e4f9f6ee177dc18 /pkgs/os-specific/linux/ipsec-tools/CVE-2015-4047.patch | |
| parent | cc96e474d3d21969b999865c817a41c44aab3dc3 (diff) | |
| download | nixpkgs-c46889ea4227418fb31a0562626ffcab20d90890.tar nixpkgs-c46889ea4227418fb31a0562626ffcab20d90890.tar.gz nixpkgs-c46889ea4227418fb31a0562626ffcab20d90890.tar.bz2 nixpkgs-c46889ea4227418fb31a0562626ffcab20d90890.tar.lz nixpkgs-c46889ea4227418fb31a0562626ffcab20d90890.tar.xz nixpkgs-c46889ea4227418fb31a0562626ffcab20d90890.tar.zst nixpkgs-c46889ea4227418fb31a0562626ffcab20d90890.zip | |
ipsec-tools: apply debians patch to fix CVE-2015-4047
Diffstat (limited to 'pkgs/os-specific/linux/ipsec-tools/CVE-2015-4047.patch')
| -rw-r--r-- | pkgs/os-specific/linux/ipsec-tools/CVE-2015-4047.patch | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/ipsec-tools/CVE-2015-4047.patch b/pkgs/os-specific/linux/ipsec-tools/CVE-2015-4047.patch new file mode 100644 index 00000000000..00c23c6cac1 --- /dev/null +++ b/pkgs/os-specific/linux/ipsec-tools/CVE-2015-4047.patch @@ -0,0 +1,16 @@ +Index: pkg-ipsec-tools/src/racoon/gssapi.c +=================================================================== +--- pkg-ipsec-tools.orig/src/racoon/gssapi.c ++++ pkg-ipsec-tools/src/racoon/gssapi.c +@@ -192,6 +192,11 @@ gssapi_init(struct ph1handle *iph1) + gss_name_t princ, canon_princ; + OM_uint32 maj_stat, min_stat; + ++ if (iph1->rmconf == NULL) { ++ plog(LLV_ERROR, LOCATION, NULL, "no remote config\n"); ++ return -1; ++ } ++ + gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state)); + if (gps == NULL) { + plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n"); |