From nobody Wed Mar 29 18:48:34 2023 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PmwYZ3DGhz42wSV; Wed, 29 Mar 2023 18:48:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PmwYZ2JTjz3PYQ; Wed, 29 Mar 2023 18:48:34 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1680115714; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=flboh9Pij3jWZ1IrrCg0Jkp8woDZTo9f210y8JUIc3E=; b=enh+mJ3Fa/3JHLX+VadiJ2e3Q1rGekEQ+E68hVcQg5wqHu6+2EXqrxXbLGvUc3dEKvxZev GYkjmZCRyIFvuFSwlr5cdUc0CQmcW4ckF34Tp/G5CA61gSfLWQg6HuGuXDLLV5HJW7LJo7 61bTip+gAe/QKhVy1aE702kL7nIZhDtRhYUx9yGusvTRToYbvaLt9TA5X7s8sReZ+nGJUj II+VakY/AHMTKh9wmOQfZ7eWqNupsEuYdjzlwivNYW+y0tSbpRfeSqd30NrEK1KTQRDY12 f9pdoqKEPnArLlXkAluSHtfO06rC1s/MjvjDnHaLVk+N3g2N7ITQPtPMpU9oCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1680115714; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=flboh9Pij3jWZ1IrrCg0Jkp8woDZTo9f210y8JUIc3E=; b=nlLqu8LSka228Stog79Uj9LGCUhNYyTkhOejmJVbbH6/jLbnjW0Ht5iQG/xZrmTEu5SpNG Ff/sewusokaXrPXrKoi8sWEb07Pu3VHRXWiLOOKawjGpv8uRdRA0itU+7mmSV3Ql/vE0+8 PQqA5Go0IQLjCXyhgt1uoAIx3KMpCy/luswZ3K8pRY5sw5bVr+38mltIKuAC5chUpjHt4v J2Pc4yChnxkqpAySmTiCtsbWQ8q1XVhzE5d9w0OV6I1WUGlMBz+KAOO9VXh9UMoJqfrjE7 tT9497wcKNSjLZLZ0E5LKeAbrIdMAJJspwytmRf8lcny/qaRyAa0esdUivbcrA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1680115714; a=rsa-sha256; cv=none; b=tCiMn9Ls9DA3di3W/aMkYvRjF2P9pcQaY1JNxZ2DYLGoZha1URuSxJntuKl9bfIwaKTm3d sQW337DDL8nKGvAT4Af7a4wCLDlHRP02TFmKr/iLMgY3jOLylcFGie8elV+L3938JAHIBk 3zBXs+Efa+l4t43pKtogdlf5c4z7acAkLtg9u15SDK3zdryO1yTnZArBOhXYsrpU8WbeME sq3KVyPc1H5ifB7j8ib+jnYILPsItYKIoA4xPAl0oKf3CU9s0lxVWe+ndMSpt2xGo/3YIt TWehiJZNtznAnSsuyQ78V4Fxq0YmIQCe0gzwCW2RlBpKkUTgXv7kfgFac/a4yQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PmwYZ1LxpzhQ3; Wed, 29 Mar 2023 18:48:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 32TImYZx022688; Wed, 29 Mar 2023 18:48:34 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 32TImYQP022687; Wed, 29 Mar 2023 18:48:34 GMT (envelope-from git) Date: Wed, 29 Mar 2023 18:48:34 GMT Message-Id: <202303291848.32TImYQP022687@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Bernard Spil Subject: git: f410329bc6c4 - main - security/openssl30: Security update for CVE-2023-0465 & 0466 List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: brnrd X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: f410329bc6c40fedb0ac637f780429cf945effaa Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by brnrd: URL: https://cgit.FreeBSD.org/ports/commit/?id=f410329bc6c40fedb0ac637f780429cf945effaa commit f410329bc6c40fedb0ac637f780429cf945effaa Author: Bernard Spil AuthorDate: 2023-03-29 18:47:55 +0000 Commit: Bernard Spil CommitDate: 2023-03-29 18:47:55 +0000 security/openssl30: Security update for CVE-2023-0465 & 0466 Security: 425b9538-ce5f-11ed-ade3-d4c9ef517024 --- security/openssl30/Makefile | 2 +- security/openssl30/files/patch-CVE-2023-0464 | 89 +++++++++++++++++++ security/openssl30/files/patch-CVE-2023-0465 | 126 +++++++++++++++++++++++++++ security/openssl30/files/patch-CVE-2023-0466 | 91 +++++++++++++++++++ 4 files changed, 307 insertions(+), 1 deletion(-) diff --git a/security/openssl30/Makefile b/security/openssl30/Makefile index 2d54a9336d69..9e878362a5db 100644 --- a/security/openssl30/Makefile +++ b/security/openssl30/Makefile @@ -1,6 +1,6 @@ PORTNAME= openssl DISTVERSION= 3.0.8 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security devel MASTER_SITES= https://www.openssl.org/source/ \ ftp://ftp.cert.dfn.de/pub/tools/net/openssl/source/ diff --git a/security/openssl30/files/patch-CVE-2023-0464 b/security/openssl30/files/patch-CVE-2023-0464 index 2f5d8c90fed6..d88dc2b5d1e7 100644 --- a/security/openssl30/files/patch-CVE-2023-0464 +++ b/security/openssl30/files/patch-CVE-2023-0464 @@ -216,3 +216,92 @@ index fa45da5117a1..f953a05a41a6 100644 return X509_PCY_TREE_INTERNAL; if (!(curr->flags & X509_V_FLAG_INHIBIT_ANY) +From 2389cdc9f74268a0d5164a998929ffe50102c0eb Mon Sep 17 00:00:00 2001 +From: Richard Levitte +Date: Tue, 7 Feb 2023 14:44:20 +0100 +Subject: [PATCH] Prepare for 3.0.9 + +Reviewed-by: Tomas Mraz +Release: yes +--- + CHANGES.md | 4 ++++ + NEWS.md | 4 ++++ + VERSION.dat | 4 ++-- + 3 files changed, 10 insertions(+), 2 deletions(-) + +diff --git a/CHANGES.md b/CHANGES.md +index 7cdd9d974536..0e4fdebfde4e 100644 +--- CHANGES.md.orig ++++ CHANGES.md +@@ -28,6 +28,10 @@ breaking changes, and mappings for the large list of deprecated functions. + + [Migration guide]: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod + ++### Changes between 3.0.8 and 3.0.9 [xx XXX xxxx] ++ ++ * none yet ++ + ### Changes between 3.0.7 and 3.0.8 [7 Feb 2023] + + * Fixed NULL dereference during PKCS7 data verification. +diff --git a/NEWS.md b/NEWS.md +index 36dbfa72f6d5..e7a23e908c1f 100644 +--- NEWS.md.orig ++++ NEWS.md +@@ -18,6 +18,10 @@ OpenSSL Releases + OpenSSL 3.0 + ----------- + ++### Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [under development] ++ ++ * none ++ + ### Major changes between OpenSSL 3.0.7 and OpenSSL 3.0.8 [7 Feb 2023] + + * Fixed NULL dereference during PKCS7 data verification ([CVE-2023-0401]) +diff --git a/VERSION.dat b/VERSION.dat +index 375a0de7e128..a17a51f147e5 100644 +--- VERSION.dat.orig ++++ VERSION.dat +@@ -1,7 +1,7 @@ + MAJOR=3 + MINOR=0 +-PATCH=8 +-PRE_RELEASE_TAG= ++PATCH=9 ++PRE_RELEASE_TAG=dev + BUILD_METADATA= + RELEASE_DATE="7 Feb 2023" + SHLIB_VERSION=3 +From f8fe66e3f13350b527da871183b727e0fb9632ca Mon Sep 17 00:00:00 2001 +From: Pauli +Date: Wed, 15 Mar 2023 14:18:53 +1100 +Subject: [PATCH] changes: note about policy tree size limits and circumvention + +Reviewed-by: Tomas Mraz +Reviewed-by: Shane Lontis +(Merged from https://github.com/openssl/openssl/pull/20568) +--- + CHANGES.md | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/CHANGES.md b/CHANGES.md +index 2ba422c09a32..3eddb6f10e02 100644 +--- CHANGES.md.orig ++++ CHANGES.md +@@ -30,7 +30,14 @@ breaking changes, and mappings for the large list of deprecated functions. + + ### Changes between 3.0.8 and 3.0.9 [xx XXX xxxx] + +- * none yet ++ * Limited the number of nodes created in a policy tree to mitigate ++ against CVE-2023-0464. The default limit is set to 1000 nodes, which ++ should be sufficient for most installations. If required, the limit ++ can be adjusted by setting the OPENSSL_POLICY_TREE_NODES_MAX build ++ time define to a desired maximum number of nodes or zero to allow ++ unlimited growth. ++ ++ *Paul Dale* + + ### Changes between 3.0.7 and 3.0.8 [7 Feb 2023] + diff --git a/security/openssl30/files/patch-CVE-2023-0465 b/security/openssl30/files/patch-CVE-2023-0465 new file mode 100644 index 000000000000..bf1edbf2e618 --- /dev/null +++ b/security/openssl30/files/patch-CVE-2023-0465 @@ -0,0 +1,126 @@ +From 9a1410bd393c594f852222392c36bc7895d82d57 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Thu, 23 Mar 2023 15:31:25 +0000 +Subject: [PATCH] Updated CHANGES.md and NEWS.md for CVE-2023-0465 + +Also updated the entries for CVE-2023-0464 + +Related-to: CVE-2023-0465 + +Reviewed-by: Hugo Landau +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/20587) +--- + CHANGES.md | 12 ++++++++++++ + NEWS.md | 6 +++++- + 2 files changed, 17 insertions(+), 1 deletion(-) + +diff --git a/CHANGES.md b/CHANGES.md +index 3eddb6f10e02..31cc6095cc3b 100644 +--- CHANGES.md.orig ++++ CHANGES.md +@@ -30,12 +30,22 @@ breaking changes, and mappings for the large list of deprecated functions. + + ### Changes between 3.0.8 and 3.0.9 [xx XXX xxxx] + ++ * Fixed an issue where invalid certificate policies in leaf certificates are ++ silently ignored by OpenSSL and other certificate policy checks are skipped ++ for that certificate. A malicious CA could use this to deliberately assert ++ invalid certificate policies in order to circumvent policy checking on the ++ certificate altogether. ++ ([CVE-2023-0465]) ++ ++ *Matt Caswell* ++ + * Limited the number of nodes created in a policy tree to mitigate + against CVE-2023-0464. The default limit is set to 1000 nodes, which + should be sufficient for most installations. If required, the limit + can be adjusted by setting the OPENSSL_POLICY_TREE_NODES_MAX build + time define to a desired maximum number of nodes or zero to allow + unlimited growth. ++ ([CVE-2023-0464]) + + *Paul Dale* + +@@ -19589,6 +19599,8 @@ ndif + + + ++[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 ++[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 + [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401 + [CVE-2023-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286 + [CVE-2023-0217]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0217 +diff --git a/NEWS.md b/NEWS.md +index c6e4926bd527..7fe2ff15d97e 100644 +--- NEWS.md.orig ++++ NEWS.md +@@ -20,7 +20,9 @@ OpenSSL 3.0 + + ### Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [under development] + +- * none ++ * Fixed handling of invalid certificate policies in leaf certificates ++ ([CVE-2023-0465]) ++ * Limited the number of nodes created in a policy tree ([CVE-2023-0464]) + + ### Major changes between OpenSSL 3.0.7 and OpenSSL 3.0.8 [7 Feb 2023] + +@@ -1434,6 +1436,8 @@ OpenSSL 0.9.x + * Support for various new platforms + + ++[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 ++[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 + [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401 + [CVE-2023-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286 + [CVE-2023-0217]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0217 +From 1dd43e0709fece299b15208f36cc7c76209ba0bb Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Tue, 7 Mar 2023 16:52:55 +0000 +Subject: [PATCH] Ensure that EXFLAG_INVALID_POLICY is checked even in leaf + certs + +Even though we check the leaf cert to confirm it is valid, we +later ignored the invalid flag and did not notice that the leaf +cert was bad. + +Fixes: CVE-2023-0465 + +Reviewed-by: Hugo Landau +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/20587) +--- + crypto/x509/x509_vfy.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c +index 9384f1da9bad..a0282c3ef121 100644 +--- crypto/x509/x509_vfy.c.orig ++++ crypto/x509/x509_vfy.c +@@ -1654,15 +1654,23 @@ static int check_policy(X509_STORE_CTX *ctx) + goto memerr; + /* Invalid or inconsistent extensions */ + if (ret == X509_PCY_TREE_INVALID) { +- int i; ++ int i, cbcalled = 0; + + /* Locate certificates with bad extensions and notify callback. */ +- for (i = 1; i < sk_X509_num(ctx->chain); i++) { ++ for (i = 0; i < sk_X509_num(ctx->chain); i++) { + X509 *x = sk_X509_value(ctx->chain, i); + ++ if ((x->ex_flags & EXFLAG_INVALID_POLICY) != 0) ++ cbcalled = 1; + CB_FAIL_IF((x->ex_flags & EXFLAG_INVALID_POLICY) != 0, + ctx, x, i, X509_V_ERR_INVALID_POLICY_EXTENSION); + } ++ if (!cbcalled) { ++ /* Should not be able to get here */ ++ ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR); ++ return 0; ++ } ++ /* The callback ignored the error so we return success */ + return 1; + } + if (ret == X509_PCY_TREE_FAILURE) { diff --git a/security/openssl30/files/patch-CVE-2023-0466 b/security/openssl30/files/patch-CVE-2023-0466 new file mode 100644 index 000000000000..9922f2afd95d --- /dev/null +++ b/security/openssl30/files/patch-CVE-2023-0466 @@ -0,0 +1,91 @@ +From 51e8a84ce742db0f6c70510d0159dad8f7825908 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Tue, 21 Mar 2023 16:15:47 +0100 +Subject: [PATCH] Fix documentation of X509_VERIFY_PARAM_add0_policy() + +The function was incorrectly documented as enabling policy checking. + +Fixes: CVE-2023-0466 + +Reviewed-by: Matt Caswell +Reviewed-by: Paul Dale +(Merged from https://github.com/openssl/openssl/pull/20563) +--- + CHANGES.md | 8 ++++++++ + NEWS.md | 2 ++ + doc/man3/X509_VERIFY_PARAM_set_flags.pod | 9 +++++++-- + 3 files changed, 17 insertions(+), 2 deletions(-) + +diff --git a/CHANGES.md b/CHANGES.md +index 31cc6095cc3b..eb948e6b746b 100644 +--- CHANGES.md.orig ++++ CHANGES.md +@@ -30,6 +30,13 @@ breaking changes, and mappings for the large list of deprecated functions. + + ### Changes between 3.0.8 and 3.0.9 [xx XXX xxxx] + ++ * Corrected documentation of X509_VERIFY_PARAM_add0_policy() to mention ++ that it does not enable policy checking. Thanks to David Benjamin for ++ discovering this issue. ++ ([CVE-2023-0466]) ++ ++ *Tomáš Mráz* ++ + * Fixed an issue where invalid certificate policies in leaf certificates are + silently ignored by OpenSSL and other certificate policy checks are skipped + for that certificate. A malicious CA could use this to deliberately assert +@@ -19599,6 +19606,7 @@ ndif + + + ++[CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466 + [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 + [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 + [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401 +diff --git a/NEWS.md b/NEWS.md +index 7fe2ff15d97e..61f82603acbe 100644 +--- NEWS.md.orig ++++ NEWS.md +@@ -20,6 +20,7 @@ OpenSSL 3.0 + + ### Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [under development] + ++ * Fixed documentation of X509_VERIFY_PARAM_add0_policy() ([CVE-2023-0466]) + * Fixed handling of invalid certificate policies in leaf certificates + ([CVE-2023-0465]) + * Limited the number of nodes created in a policy tree ([CVE-2023-0464]) +@@ -1436,6 +1437,7 @@ OpenSSL 0.9.x + * Support for various new platforms + + ++[CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466 + [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 + [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 + [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401 +diff --git a/doc/man3/X509_VERIFY_PARAM_set_flags.pod b/doc/man3/X509_VERIFY_PARAM_set_flags.pod +index 75a167702296..43c1900bca78 100644 +--- doc/man3/X509_VERIFY_PARAM_set_flags.pod.orig ++++ doc/man3/X509_VERIFY_PARAM_set_flags.pod +@@ -98,8 +98,9 @@ B. + X509_VERIFY_PARAM_set_time() sets the verification time in B to + B. Normally the current time is used. + +-X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled +-by default) and adds B to the acceptable policy set. ++X509_VERIFY_PARAM_add0_policy() adds B to the acceptable policy set. ++Contrary to preexisting documentation of this function it does not enable ++policy checking. + + X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled + by default) and sets the acceptable policy set to B. Any existing +@@ -400,6 +401,10 @@ The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i. + The X509_VERIFY_PARAM_get0_host(), X509_VERIFY_PARAM_get0_email(), + and X509_VERIFY_PARAM_get1_ip_asc() functions were added in OpenSSL 3.0. + ++The function X509_VERIFY_PARAM_add0_policy() was historically documented as ++enabling policy checking however the implementation has never done this. ++The documentation was changed to align with the implementation. ++ + =head1 COPYRIGHT + + Copyright 2009-2023 The OpenSSL Project Authors. All Rights Reserved.