gnutls: fix CVE-2024-12243

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing.
Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate
data can take excessive time, leading to increased resource consumption.
This flaw allows a remote attacker to send a specially crafted certificate, causing
GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.

(From OE-Core rev: 5fbe46de6d2e3862316cf486503f18e616c3c0a7)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Archana Polampalli
2025-02-14 10:49:25 +00:00
committed by Steve Sakoman
parent 138ab1c7df
commit 0730523542
2 changed files with 1161 additions and 0 deletions

File diff suppressed because it is too large

@@ -28,6 +28,7 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar
file://CVE-2024-0567.patch \
file://CVE-2024-28834.patch \
file://CVE-2024-28835.patch \
file://CVE-2024-12243.patch \
"
SRC_URI[sha256sum] = "e6adbebcfbc95867de01060d93c789938cf89cc1d1f6ef9ef661890f6217451f"
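Review bot: the new `file://CVE-2024-12243.patch \` entry in SRC_URI pulls in a patch whose diff is suppressed on this page (it accounts for nearly all of the 1161 added lines), so its header cannot be checked from what is shown. Please confirm the patch file carries the `CVE: CVE-2024-12243` and `Upstream-Status: Backport` tags with a reference to the upstream commit it was taken from. The commit message attributes the slowdown to libtasn1's decoding algorithm, while the patch is applied in the gnutls recipe, so a line in the message naming the upstream GnuTLS change being backported would make the fix easier to audit.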