diff -Nru gnutls28-3.4.10/debian/changelog gnutls28-3.4.10/debian/changelog
--- gnutls28-3.4.10/debian/changelog 2020-01-23 13:47:43.000000000 +0000
+++ gnutls28-3.4.10/debian/changelog 2020-06-17 21:06:13.000000000 +0000
@@ -1,3 +1,11 @@
+gnutls28 (3.4.10-4ubuntu1.8) xenial; urgency=medium
+
+ * d/p/50_Update-session_ticket.c-to-add-support-for-zero-leng.patch:
+ - add support for zero length session tickets returned from the server,
+ thanks Rod for the backport and testing! (lp: #1876286)
+
+ -- Sebastien Bacher Wed, 17 Jun 2020 23:06:13 +0200
+
 gnutls28 (3.4.10-4ubuntu1.7) xenial-security; urgency=medium
 
 * SECURITY UPDATE: Allow re-enabling SHA1 for certificate signing with a
diff -Nru gnutls28-3.4.10/debian/patches/50_Update-session_ticket.c-to-add-support-for-zero-leng.patch gnutls28-3.4.10/debian/patches/50_Update-session_ticket.c-to-add-support-for-zero-leng.patch
--- gnutls28-3.4.10/debian/patches/50_Update-session_ticket.c-to-add-support-for-zero-leng.patch 1970-01-01 00:00:00.000000000 +0000
+++ gnutls28-3.4.10/debian/patches/50_Update-session_ticket.c-to-add-support-for-zero-leng.patch 2020-06-17 21:06:13.000000000 +0000
@@ -0,0 +1,43 @@
+From 1d4615aa650dad1c01452d46396c0307304b0245 Mon Sep 17 00:00:00 2001
+From: rrivers2 <5981058-rrivers2@users.noreply.gitlab.com>
+Date: Sun, 24 May 2020 23:11:01 +0000
+Subject: [PATCH] Update session_ticket.c to add support for zero length
+ session tickets returned from the server
+
+check that ticket_len > 0 prior to calling gnutls_realloc_fast
+
+Signed-off-by: Rod Rivers <5981058-rrivers2@users.noreply.gitlab.com>
+---
+ lib/ext/session_ticket.c | 18 ++++++++++--------
+ 1 file changed, 10 insertions(+), 8 deletions(-)
+
+diff --git a/lib/ext/session_ticket.c b/lib/ext/session_ticket.c
+index c854d9c2a..8d4595821 100644
+--- a/lib/ext/session_ticket.c
++++ b/lib/ext/session_ticket.c
+@@ -680,14 +680,16 @@ int _gnutls_recv_new_session_ticket(gnut
+ DECR_LENGTH_COM(data_size, ticket_len, ret =
+ GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+ goto error);
+- priv->session_ticket =
+- gnutls_realloc_fast(priv->session_ticket, ticket_len);
+- if (!priv->session_ticket) {
+- gnutls_assert();
+- ret = GNUTLS_E_MEMORY_ERROR;
+- goto error;
++ if (ticket_len > 0) {
++ priv->session_ticket =
++ gnutls_realloc_fast(priv->session_ticket, ticket_len);
++ if (!priv->session_ticket) {
++ gnutls_assert();
++ ret = GNUTLS_E_MEMORY_ERROR;
++ goto error;
++ }
++ memcpy(priv->session_ticket, p, ticket_len);
+ }
+- memcpy(priv->session_ticket, p, ticket_len);
+ priv->session_ticket_len = ticket_len;
+
+ /* Discard the current session ID. (RFC5077 3.4) */
+
+
diff -Nru gnutls28-3.4.10/debian/patches/series gnutls28-3.4.10/debian/patches/series
--- gnutls28-3.4.10/debian/patches/series 2020-01-23 13:45:52.000000000 +0000
+++ gnutls28-3.4.10/debian/patches/series 2020-06-17 21:06:13.000000000 +0000
@@ -40,3 +40,4 @@
 insecuresha1-16.patch
 allow_broken_priority_string.patch
 allow_sha1_priority_string.patch
+50_Update-session_ticket.c-to-add-support-for-zero-leng.patch
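Review bot: On the zero-length path of the new `if (ticket_len > 0)` guard in `_gnutls_recv_new_session_ticket` (lib/ext/session_ticket.c, carried in the added debian patch), a ticket stored by an earlier handshake stays in `priv->session_ticket` while `priv->session_ticket_len` drops to 0, so pointer and length disagree. Any consumer that tests the pointer rather than the length would treat the stale ticket as still present; whether such a consumer exists cannot be seen from this hunk. Consider an `else { gnutls_free(priv->session_ticket); priv->session_ticket = NULL; }` branch, or at least a comment such as `/* zero-length ticket: server declined to issue one (RFC5077 3.3); session_ticket_len == 0 marks it absent */`. The function body starts and continues outside the hunk, and the session-ID discard that follows still runs for an empty ticket, which is worth confirming as intended and covering with a regression test for the zero-length case.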