diff -Nru mono-2.10.8.1/debian/changelog mono-2.10.8.1/debian/changelog --- mono-2.10.8.1/debian/changelog 2012-07-24 17:30:46.000000000 +0000 +++ mono-2.10.8.1/debian/changelog 2015-03-20 18:33:24.000000000 +0000 @@ -1,3 +1,39 @@ +mono (2.10.8.1-1ubuntu2.3) precise-security; urgency=medium + + * SECURITY UPDATE: denial of service via use after free + - debian/patches/CVE-2011-0992.patch: fix access to freed members of a + dead thread in mono/metadata/threads.c. + - CVE-2011-0992 + * SECURITY UPDATE: denial of service via hash collision + - debian/patches/CVE-2012-3543.patch: add a better hash provider to + mcs/class/System.Web/System.Web.UI/Page.cs, + mcs/class/System.Web/System.Web.Util/SecureHashCodeProvider.cs, + mcs/class/System.Web/System.Web.dll.sources, + mcs/class/System.Web/System.Web/WebROCollection.cs. + - CVE-2012-3543 + * SECURITY UPDATE: TLS impersonation attack + - debian/patches/CVE-2015-2318.patch: add handshake state validation to + mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs, + mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs, + mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs, + mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs. + - CVE-2015-2318 + * SECURITY UPDATE: FREAK attack vulnerability + - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from + mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs, + mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs, + mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs, + mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs, + mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs. + - CVE-2015-2319 + * SECURITY UPDATE: SSLv2 support + - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in + mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs. + - CVE-2015-2320 + * debian/source/options: Don't use single-debian-patch for Ubuntu. + + -- Marc Deslauriers Fri, 20 Mar 2015 14:30:11 -0400 + mono (2.10.8.1-1ubuntu2.2) precise-security; urgency=low * SECURITY UPDATE: cross-site scripting vulnerability diff -Nru mono-2.10.8.1/debian/patches/CVE-2011-0992.patch mono-2.10.8.1/debian/patches/CVE-2011-0992.patch --- mono-2.10.8.1/debian/patches/CVE-2011-0992.patch 1970-01-01 00:00:00.000000000 +0000 +++ mono-2.10.8.1/debian/patches/CVE-2011-0992.patch 2015-03-20 18:28:06.000000000 +0000 @@ -0,0 +1,37 @@ +From 722f9890f09aadfc37ae479e7d946d5fc5ef7b91 Mon Sep 17 00:00:00 2001 +From: Sebastien Pouliot +Date: Wed, 6 Apr 2011 13:24:31 -0400 +Subject: [PATCH] Fix access to freed members of a dead thread + +* threads.c: Fix access to freed members of a dead thread. Found +and fixed by Rodrigo Kumpera +Ref: CVE-2011-0992 +--- + mono/metadata/threads.c | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +Index: mono-2.10.8.1/mono/metadata/threads.c +=================================================================== +--- mono-2.10.8.1.orig/mono/metadata/threads.c 2015-03-20 14:28:04.452035428 -0400 ++++ mono-2.10.8.1/mono/metadata/threads.c 2015-03-20 14:28:04.448035395 -0400 +@@ -1265,12 +1265,17 @@ + CloseHandle (thread); + + if (this->synch_cs) { +- DeleteCriticalSection (this->synch_cs); +- g_free (this->synch_cs); ++ CRITICAL_SECTION *synch_cs = this->synch_cs; + this->synch_cs = NULL; ++ DeleteCriticalSection (synch_cs); ++ g_free (synch_cs); + } + +- g_free (this->name); ++ if (this->name) { ++ void *name = this->name; ++ this->name = NULL; ++ g_free (name); ++ } + } + + static void mono_thread_start (MonoThread *thread) diff -Nru mono-2.10.8.1/debian/patches/CVE-2012-3543.patch mono-2.10.8.1/debian/patches/CVE-2012-3543.patch --- mono-2.10.8.1/debian/patches/CVE-2012-3543.patch 1970-01-01 00:00:00.000000000 +0000 +++ mono-2.10.8.1/debian/patches/CVE-2012-3543.patch 2015-03-20 18:34:02.000000000 +0000 @@ -0,0 +1,208 @@ +Description: fix denial of service via hash collision +Origin: backport, https://github.com/mono/mono/commit/04245de5c480db5dff5983467f7a8606f1321ed6 +Origin: backport, https://github.com/mono/mono/commit/049bb49f1c5b650166de2a266bc1879c5def0190 +Bug: https://bugzilla.novell.com/show_bug.cgi?id=739119 +Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686562 + +Index: mono-2.10.8.1/mcs/class/System.Web/System.Web.UI/Page.cs +=================================================================== +--- mono-2.10.8.1.orig/mcs/class/System.Web/System.Web.UI/Page.cs 2011-12-19 14:17:50.000000000 -0500 ++++ mono-2.10.8.1/mcs/class/System.Web/System.Web.UI/Page.cs 2015-03-20 14:28:39.128331877 -0400 +@@ -1175,7 +1175,7 @@ + + void ProcessPostData (NameValueCollection data, bool second) + { +- NameValueCollection requestValues = _requestValueCollection == null ? new NameValueCollection () : _requestValueCollection; ++ NameValueCollection requestValues = _requestValueCollection == null ? new NameValueCollection (SecureHashCodeProvider.DefaultInvariant, CaseInsensitiveComparer.DefaultInvariant) : _requestValueCollection; + + if (data != null && data.Count > 0) { + var used = new Dictionary (StringComparer.Ordinal); +@@ -1210,7 +1210,7 @@ + + } else if (!second) { + if (secondPostData == null) +- secondPostData = new NameValueCollection (); ++ secondPostData = new NameValueCollection (SecureHashCodeProvider.DefaultInvariant, CaseInsensitiveComparer.DefaultInvariant); + secondPostData.Add (id, data [id]); + } + } +Index: mono-2.10.8.1/mcs/class/System.Web/System.Web.Util/SecureHashCodeProvider.cs +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ mono-2.10.8.1/mcs/class/System.Web/System.Web.Util/SecureHashCodeProvider.cs 2015-03-20 14:28:36.336308021 -0400 +@@ -0,0 +1,131 @@ ++// ++// System.Collections.SecureHashCodeProvider.cs ++// ++// Authors: ++// Sergey Chaban (serge@wildwestsoftware.com) ++// Andreas Nahr (ClassDevelopment@A-SoftTech.com) ++// Sebastien Pouliot ++// ++// Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com) ++// Copyright 2012 Xamarin, Inc (http://xamarin.com) ++// ++// Permission is hereby granted, free of charge, to any person obtaining ++// a copy of this software and associated documentation files (the ++// "Software"), to deal in the Software without restriction, including ++// without limitation the rights to use, copy, modify, merge, publish, ++// distribute, sublicense, and/or sell copies of the Software, and to ++// permit persons to whom the Software is furnished to do so, subject to ++// the following conditions: ++// ++// The above copyright notice and this permission notice shall be ++// included in all copies or substantial portions of the Software. ++// ++// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, ++// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ++// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ++// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE ++// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION ++// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION ++// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ++// ++using System; ++using System.Collections; ++using System.Globalization; ++ ++namespace System.Web.Util ++{ ++ class SecureHashCodeProvider : IHashCodeProvider ++ { ++ static readonly SecureHashCodeProvider singletonInvariant = new SecureHashCodeProvider (CultureInfo.InvariantCulture); ++ static SecureHashCodeProvider singleton; ++ static readonly object sync = new object (); ++ static readonly int seed; ++ ++ TextInfo m_text; // must match MS name for serialization ++ ++ public static SecureHashCodeProvider Default { ++ get { ++ lock (sync) { ++ if (singleton == null) { ++ singleton = new SecureHashCodeProvider (); ++ } else if (singleton.m_text == null) { ++ if (!AreEqual (CultureInfo.CurrentCulture, CultureInfo.InvariantCulture)) ++ singleton = new SecureHashCodeProvider (); ++ } else if (!AreEqual (singleton.m_text, CultureInfo.CurrentCulture)) { ++ singleton = new SecureHashCodeProvider (); ++ } ++ return singleton; ++ } ++ } ++ } ++ ++ public static SecureHashCodeProvider DefaultInvariant { ++ get { return singletonInvariant; } ++ } ++ ++ static SecureHashCodeProvider () ++ { ++ // It should be enough to fend off the attack described in ++ // https://bugzilla.novell.com/show_bug.cgi?id=739119 ++ // In order to predict value of the seed, the attacker would have to know the exact time when ++ // the server process started and since it's a remote attack, this is next to impossible. ++ // Using milliseconds instead of ticks here would make it easier for the attackers since there ++ // would only be as many as 1000 possible values ++ seed = (int)DateTime.UtcNow.Ticks; ++ } ++ ++ // Public instance constructor ++ public SecureHashCodeProvider () ++ { ++ CultureInfo culture = CultureInfo.CurrentCulture; ++ if (!AreEqual (culture, CultureInfo.InvariantCulture)) ++ m_text = CultureInfo.CurrentCulture.TextInfo; ++ } ++ ++ public SecureHashCodeProvider (CultureInfo culture) ++ { ++ if (culture == null) ++ throw new ArgumentNullException ("culture"); ++ if (!AreEqual (culture, CultureInfo.InvariantCulture)) ++ m_text = culture.TextInfo; ++ } ++ ++ static bool AreEqual (CultureInfo a, CultureInfo b) ++ { ++ return a.LCID == b.LCID; ++ } ++ ++ static bool AreEqual (TextInfo info, CultureInfo culture) ++ { ++ return info.LCID == culture.LCID; ++ } ++ ++ public int GetHashCode (object obj) ++ { ++ if (obj == null) ++ throw new ArgumentNullException ("obj"); ++ ++ string str = obj as string; ++ ++ if (str == null) ++ return obj.GetHashCode (); ++ ++ int h = seed; ++ char c; ++ ++ if ((m_text != null) && !AreEqual (m_text, CultureInfo.InvariantCulture)) { ++ str = m_text.ToLower (str); ++ for (int i = 0; i < str.Length; i++) { ++ c = str [i]; ++ h = h * 31 + c; ++ } ++ } else { ++ for (int i = 0; i < str.Length; i++) { ++ c = Char.ToLower (str [i], CultureInfo.InvariantCulture); ++ h = h * 31 + c; ++ } ++ } ++ return h; ++ } ++ } ++} +Index: mono-2.10.8.1/mcs/class/System.Web/System.Web.dll.sources +=================================================================== +--- mono-2.10.8.1.orig/mcs/class/System.Web/System.Web.dll.sources 2011-12-19 14:17:50.000000000 -0500 ++++ mono-2.10.8.1/mcs/class/System.Web/System.Web.dll.sources 2015-03-20 14:28:36.336308021 -0400 +@@ -1174,6 +1174,7 @@ + System.Web.Util/MachineKeySectionUtils.cs + System.Web.Util/RuntimeHelpers.cs + System.Web.Util/SearchPattern.cs ++System.Web.Util/SecureHashCodeProvider.cs + System.Web.Util/SerializationHelper.cs + System.Web.Util/StrUtils.cs + System.Web.Util/TimeUtil.cs +Index: mono-2.10.8.1/mcs/class/System.Web/System.Web/WebROCollection.cs +=================================================================== +--- mono-2.10.8.1.orig/mcs/class/System.Web/System.Web/WebROCollection.cs 2011-12-19 14:17:49.000000000 -0500 ++++ mono-2.10.8.1/mcs/class/System.Web/System.Web/WebROCollection.cs 2015-03-20 14:28:36.336308021 -0400 +@@ -5,6 +5,7 @@ + // Gonzalo Paniagua Javier (gonzalo@novell.com) + // + // (c) 2005-2009 Novell, Inc. (http://www.novell.com) ++// Copyright 2012 Xamarin, Inc (http://xamarin.com) + // + // + // Permission is hereby granted, free of charge, to any person obtaining +@@ -26,8 +27,10 @@ + // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + // ++using System.Collections; + using System.Collections.Specialized; + using System.Text; ++using System.Web.Util; + + namespace System.Web + { +@@ -36,7 +39,7 @@ + bool got_id; + int id; + +- public WebROCollection () : base (StringComparer.OrdinalIgnoreCase) { } ++ public WebROCollection () : base (SecureHashCodeProvider.DefaultInvariant, CaseInsensitiveComparer.DefaultInvariant) { } + public bool GotID { + get { return got_id; } + } diff -Nru mono-2.10.8.1/debian/patches/CVE-2015-2318.patch mono-2.10.8.1/debian/patches/CVE-2015-2318.patch --- mono-2.10.8.1/debian/patches/CVE-2015-2318.patch 1970-01-01 00:00:00.000000000 +0000 +++ mono-2.10.8.1/debian/patches/CVE-2015-2318.patch 2015-03-20 18:34:30.000000000 +0000 @@ -0,0 +1,175 @@ +Description: fix TLS impersonation attack +Origin: https://gist.github.com/directhex/728af6f96d1b8c976659 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751 + +diff -urNad mono-3.2.8.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs mono-3.2.8/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs +--- mono-3.2.8.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs 2014-02-19 18:48:31.000000000 +0000 ++++ mono-3.2.8/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs 2015-03-06 15:01:29.810597612 +0000 +@@ -129,6 +129,7 @@ + HandshakeType type, byte[] buffer) + { + ClientContext context = (ClientContext)this.context; ++ var last = context.LastHandshakeMsg; + + switch (type) + { +@@ -148,23 +149,44 @@ + return null; + + case HandshakeType.ServerHello: ++ if (last != HandshakeType.HelloRequest) ++ break; + return new TlsServerHello(this.context, buffer); + ++ // Optional + case HandshakeType.Certificate: ++ if (last != HandshakeType.ServerHello) ++ break; + return new TlsServerCertificate(this.context, buffer); + ++ // Optional + case HandshakeType.ServerKeyExchange: +- return new TlsServerKeyExchange(this.context, buffer); ++ // only for RSA_EXPORT ++ if (last == HandshakeType.Certificate && context.Current.Cipher.IsExportable) ++ return new TlsServerKeyExchange(this.context, buffer); ++ break; + ++ // Optional + case HandshakeType.CertificateRequest: +- return new TlsServerCertificateRequest(this.context, buffer); ++ if (last == HandshakeType.ServerKeyExchange || last == HandshakeType.Certificate) ++ return new TlsServerCertificateRequest(this.context, buffer); ++ break; + + case HandshakeType.ServerHelloDone: +- return new TlsServerHelloDone(this.context, buffer); ++ if (last == HandshakeType.CertificateRequest || last == HandshakeType.Certificate || last == HandshakeType.ServerHello) ++ return new TlsServerHelloDone(this.context, buffer); ++ break; + + case HandshakeType.Finished: +- return new TlsServerFinished(this.context, buffer); +- ++ // depends if a full (ServerHelloDone) or an abbreviated handshake (ServerHello) is being done ++ bool check = context.AbbreviatedHandshake ? (last == HandshakeType.ServerHello) : (last == HandshakeType.ServerHelloDone); ++ // ChangeCipherSpecDone is not an handshake message (it's a content type) but still needs to be happens before finished ++ if (check && context.ChangeCipherSpecDone) { ++ context.ChangeCipherSpecDone = false; ++ return new TlsServerFinished (this.context, buffer); ++ } ++ break; ++ + default: + throw new TlsException( + AlertDescription.UnexpectedMessage, +@@ -172,6 +194,7 @@ + "Unknown server handshake message received ({0})", + type.ToString())); + } ++ throw new TlsException (AlertDescription.HandshakeFailiure, String.Format ("Protocol error, unexpected protocol transition from {0} to {1}", last, type)); + } + + #endregion +diff -urNad mono-3.2.8.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs mono-3.2.8/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs +--- mono-3.2.8.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs 2014-02-19 18:51:55.000000000 +0000 ++++ mono-3.2.8/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs 2015-03-06 15:01:29.810597612 +0000 +@@ -122,6 +122,8 @@ + set { this.protocolNegotiated = value; } + } + ++ public bool ChangeCipherSpecDone { get; set; } ++ + public SecurityProtocolType SecurityProtocol + { + get +diff -urNad mono-3.2.8.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs mono-3.2.8/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs +--- mono-3.2.8.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs 2014-02-19 18:51:55.000000000 +0000 ++++ mono-3.2.8/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs 2015-03-06 15:01:29.810597612 +0000 +@@ -88,6 +88,8 @@ + } else { + ctx.StartSwitchingSecurityParameters (false); + } ++ ++ ctx.ChangeCipherSpecDone = true; + } + + public virtual HandshakeMessage GetMessage(HandshakeType type) +@@ -348,9 +350,6 @@ + // Try to read the Record Content Type + int type = internalResult.InitialBuffer[0]; + +- // Set last handshake message received to None +- this.context.LastHandshakeMsg = HandshakeType.ClientHello; +- + ContentType contentType = (ContentType)type; + byte[] buffer = this.ReadRecordBuffer(type, record); + if (buffer == null) +diff -urNad mono-3.2.8.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs mono-3.2.8/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs +--- mono-3.2.8.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs 2014-02-19 18:48:31.000000000 +0000 ++++ mono-3.2.8/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs 2015-03-06 15:01:29.810597612 +0000 +@@ -33,6 +33,8 @@ + { + internal class ServerRecordProtocol : RecordProtocol + { ++ TlsClientCertificate cert; ++ + #region Constructors + + public ServerRecordProtocol( +@@ -93,30 +95,45 @@ + private HandshakeMessage createClientHandshakeMessage( + HandshakeType type, byte[] buffer) + { ++ var last = context.LastHandshakeMsg; + switch (type) + { + case HandshakeType.ClientHello: + return new TlsClientHello(this.context, buffer); + + case HandshakeType.Certificate: +- return new TlsClientCertificate(this.context, buffer); ++ if (last != HandshakeType.ClientHello) ++ break; ++ cert = new TlsClientCertificate(this.context, buffer); ++ return cert; + + case HandshakeType.ClientKeyExchange: +- return new TlsClientKeyExchange(this.context, buffer); ++ if (last == HandshakeType.ClientHello || last == HandshakeType.Certificate) ++ return new TlsClientKeyExchange(this.context, buffer); ++ break; + + case HandshakeType.CertificateVerify: +- return new TlsClientCertificateVerify(this.context, buffer); ++ if (last == HandshakeType.ClientKeyExchange && cert != null) ++ return new TlsClientCertificateVerify(this.context, buffer); ++ break; + + case HandshakeType.Finished: +- return new TlsClientFinished(this.context, buffer); +- ++ // Certificates are optional, but if provided, they should send a CertificateVerify ++ bool check = (cert == null) ? (last == HandshakeType.ClientKeyExchange) : (last == HandshakeType.CertificateVerify); ++ // ChangeCipherSpecDone is not an handshake message (it's a content type) but still needs to be happens before finished ++ if (check && context.ChangeCipherSpecDone) { ++ context.ChangeCipherSpecDone = false; ++ return new TlsClientFinished(this.context, buffer); ++ } ++ break; ++ + default: +- throw new TlsException( +- AlertDescription.UnexpectedMessage, +- String.Format(CultureInfo.CurrentUICulture, +- "Unknown server handshake message received ({0})", +- type.ToString())); ++ throw new TlsException(AlertDescription.UnexpectedMessage, String.Format(CultureInfo.CurrentUICulture, ++ "Unknown server handshake message received ({0})", ++ type.ToString())); ++ break; + } ++ throw new TlsException (AlertDescription.HandshakeFailiure, String.Format ("Protocol error, unexpected protocol transition from {0} to {1}", last, type)); + } + + private HandshakeMessage createServerHandshakeMessage( diff -Nru mono-2.10.8.1/debian/patches/CVE-2015-2319.patch mono-2.10.8.1/debian/patches/CVE-2015-2319.patch --- mono-2.10.8.1/debian/patches/CVE-2015-2319.patch 1970-01-01 00:00:00.000000000 +0000 +++ mono-2.10.8.1/debian/patches/CVE-2015-2319.patch 2015-03-20 18:34:49.000000000 +0000 @@ -0,0 +1,221 @@ +Description: fix FREAK attack vulnerability +Origin: https://gist.github.com/directhex/728af6f96d1b8c976659 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780751 + +Index: mono-2.10.8.1/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs +=================================================================== +--- mono-2.10.8.1.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs 2015-03-20 14:29:51.076945793 -0400 ++++ mono-2.10.8.1/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs 2015-03-20 14:29:51.072945758 -0400 +@@ -60,14 +60,14 @@ + scs.Add((0x00 << 0x08) | 0x09, "TLS_RSA_WITH_DES_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, false, true, 8, 8, 56, 8, 8); + + // Supported exportable ciphers +- scs.Add((0x00 << 0x08) | 0x03, "TLS_RSA_EXPORT_WITH_RC4_40_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, false, 5, 16, 40, 0, 0); +- scs.Add((0x00 << 0x08) | 0x06, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", CipherAlgorithmType.Rc2, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, true, 5, 16, 40, 8, 8); +- scs.Add((0x00 << 0x08) | 0x08, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, true, true, 5, 8, 40, 8, 8); +- scs.Add((0x00 << 0x08) | 0x60, "TLS_RSA_EXPORT_WITH_RC4_56_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, false, 7, 16, 56, 0, 0); +- scs.Add((0x00 << 0x08) | 0x61, "TLS_RSA_EXPORT_WITH_RC2_CBC_56_MD5", CipherAlgorithmType.Rc2, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, true, 7, 16, 56, 8, 8); ++ // scs.Add((0x00 << 0x08) | 0x03, "TLS_RSA_EXPORT_WITH_RC4_40_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, false, 5, 16, 40, 0, 0); ++ // scs.Add((0x00 << 0x08) | 0x06, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", CipherAlgorithmType.Rc2, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, true, 5, 16, 40, 8, 8); ++ // scs.Add((0x00 << 0x08) | 0x08, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, true, true, 5, 8, 40, 8, 8); ++ // scs.Add((0x00 << 0x08) | 0x60, "TLS_RSA_EXPORT_WITH_RC4_56_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, false, 7, 16, 56, 0, 0); ++ // scs.Add((0x00 << 0x08) | 0x61, "TLS_RSA_EXPORT_WITH_RC2_CBC_56_MD5", CipherAlgorithmType.Rc2, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, true, 7, 16, 56, 8, 8); + // 56 bits but we use 64 bits because of parity (DES is really 56 bits) +- scs.Add((0x00 << 0x08) | 0x62, "TLS_RSA_EXPORT_WITH_DES_CBC_56_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, true, true, 8, 8, 64, 8, 8); +- scs.Add((0x00 << 0x08) | 0x64, "TLS_RSA_EXPORT_WITH_RC4_56_SHA", CipherAlgorithmType.Rc4, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, true, false, 7, 16, 56, 0, 0); ++ // scs.Add((0x00 << 0x08) | 0x62, "TLS_RSA_EXPORT_WITH_DES_CBC_56_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, true, true, 8, 8, 64, 8, 8); ++ // scs.Add((0x00 << 0x08) | 0x64, "TLS_RSA_EXPORT_WITH_RC4_56_SHA", CipherAlgorithmType.Rc4, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, true, false, 7, 16, 56, 0, 0); + + // Default CipherSuite + // scs.Add(0, "TLS_NULL_WITH_NULL_NULL", CipherAlgorithmType.None, HashAlgorithmType.None, ExchangeAlgorithmType.None, true, false, 0, 0, 0, 0, 0); +@@ -138,14 +138,14 @@ + scs.Add((0x00 << 0x08) | 0x09, "SSL_RSA_WITH_DES_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, false, true, 8, 8, 56, 8, 8); + + // Supported exportable ciphers +- scs.Add((0x00 << 0x08) | 0x03, "SSL_RSA_EXPORT_WITH_RC4_40_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, false, 5, 16, 40, 0, 0); +- scs.Add((0x00 << 0x08) | 0x06, "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5", CipherAlgorithmType.Rc2, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, true, 5, 16, 40, 8, 8); +- scs.Add((0x00 << 0x08) | 0x08, "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, true, true, 5, 8, 40, 8, 8); +- scs.Add((0x00 << 0x08) | 0x60, "SSL_RSA_EXPORT_WITH_RC4_56_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, false, 7, 16, 56, 0, 0); +- scs.Add((0x00 << 0x08) | 0x61, "SSL_RSA_EXPORT_WITH_RC2_CBC_56_MD5", CipherAlgorithmType.Rc2, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, true, 7, 16, 56, 8, 8); ++ // scs.Add((0x00 << 0x08) | 0x03, "SSL_RSA_EXPORT_WITH_RC4_40_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, false, 5, 16, 40, 0, 0); ++ // scs.Add((0x00 << 0x08) | 0x06, "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5", CipherAlgorithmType.Rc2, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, true, 5, 16, 40, 8, 8); ++ // scs.Add((0x00 << 0x08) | 0x08, "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, true, true, 5, 8, 40, 8, 8); ++ // scs.Add((0x00 << 0x08) | 0x60, "SSL_RSA_EXPORT_WITH_RC4_56_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, false, 7, 16, 56, 0, 0); ++ // scs.Add((0x00 << 0x08) | 0x61, "SSL_RSA_EXPORT_WITH_RC2_CBC_56_MD5", CipherAlgorithmType.Rc2, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, true, 7, 16, 56, 8, 8); + // 56 bits but we use 64 bits because of parity (DES is really 56 bits) +- scs.Add((0x00 << 0x08) | 0x62, "SSL_RSA_EXPORT_WITH_DES_CBC_56_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, true, true, 8, 8, 64, 8, 8); +- scs.Add((0x00 << 0x08) | 0x64, "SSL_RSA_EXPORT_WITH_RC4_56_SHA", CipherAlgorithmType.Rc4, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, true, false, 7, 16, 56, 0, 0); ++ // scs.Add((0x00 << 0x08) | 0x62, "SSL_RSA_EXPORT_WITH_DES_CBC_56_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, true, true, 8, 8, 64, 8, 8); ++ // scs.Add((0x00 << 0x08) | 0x64, "SSL_RSA_EXPORT_WITH_RC4_56_SHA", CipherAlgorithmType.Rc4, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, true, false, 7, 16, 56, 0, 0); + + // Default CipherSuite + // scs.Add(0, "SSL_NULL_WITH_NULL_NULL", CipherAlgorithmType.None, HashAlgorithmType.None, true, false, 0, 0, 0, 0, 0); +Index: mono-2.10.8.1/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs +=================================================================== +--- mono-2.10.8.1.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs 2015-03-20 14:29:51.076945793 -0400 ++++ mono-2.10.8.1/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs 2015-03-20 14:29:51.072945758 -0400 +@@ -160,13 +160,6 @@ + return new TlsServerCertificate(this.context, buffer); + + // Optional +- case HandshakeType.ServerKeyExchange: +- // only for RSA_EXPORT +- if (last == HandshakeType.Certificate && context.Current.Cipher.IsExportable) +- return new TlsServerKeyExchange(this.context, buffer); +- break; +- +- // Optional + case HandshakeType.CertificateRequest: + if (last == HandshakeType.ServerKeyExchange || last == HandshakeType.Certificate) + return new TlsServerCertificateRequest(this.context, buffer); +Index: mono-2.10.8.1/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs +=================================================================== +--- mono-2.10.8.1.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs 2015-03-20 14:29:51.076945793 -0400 ++++ mono-2.10.8.1/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs 2015-03-20 14:29:51.072945758 -0400 +@@ -190,59 +190,15 @@ + this.Context.ClientWriteKey = keyBlock.ReadBytes(this.KeyMaterialSize); + this.Context.ServerWriteKey = keyBlock.ReadBytes(this.KeyMaterialSize); + +- if (!this.IsExportable) ++ if (this.IvSize != 0) + { +- if (this.IvSize != 0) +- { +- this.Context.ClientWriteIV = keyBlock.ReadBytes(this.IvSize); +- this.Context.ServerWriteIV = keyBlock.ReadBytes(this.IvSize); +- } +- else +- { +- this.Context.ClientWriteIV = CipherSuite.EmptyArray; +- this.Context.ServerWriteIV = CipherSuite.EmptyArray; +- } ++ this.Context.ClientWriteIV = keyBlock.ReadBytes(this.IvSize); ++ this.Context.ServerWriteIV = keyBlock.ReadBytes(this.IvSize); + } + else + { +- HashAlgorithm md5 = MD5.Create(); +- +- int keySize = (md5.HashSize >> 3); //in bytes not bits +- byte[] temp = new byte [keySize]; +- +- // Generate final write keys +- md5.TransformBlock(this.Context.ClientWriteKey, 0, this.Context.ClientWriteKey.Length, temp, 0); +- md5.TransformFinalBlock(this.Context.RandomCS, 0, this.Context.RandomCS.Length); +- byte[] finalClientWriteKey = new byte[this.ExpandedKeyMaterialSize]; +- Buffer.BlockCopy(md5.Hash, 0, finalClientWriteKey, 0, this.ExpandedKeyMaterialSize); +- +- md5.Initialize(); +- md5.TransformBlock(this.Context.ServerWriteKey, 0, this.Context.ServerWriteKey.Length, temp, 0); +- md5.TransformFinalBlock(this.Context.RandomSC, 0, this.Context.RandomSC.Length); +- byte[] finalServerWriteKey = new byte[this.ExpandedKeyMaterialSize]; +- Buffer.BlockCopy(md5.Hash, 0, finalServerWriteKey, 0, this.ExpandedKeyMaterialSize); +- +- this.Context.ClientWriteKey = finalClientWriteKey; +- this.Context.ServerWriteKey = finalServerWriteKey; +- +- // Generate IV keys +- if (this.IvSize > 0) +- { +- md5.Initialize(); +- temp = md5.ComputeHash(this.Context.RandomCS, 0, this.Context.RandomCS.Length); +- this.Context.ClientWriteIV = new byte[this.IvSize]; +- Buffer.BlockCopy(temp, 0, this.Context.ClientWriteIV, 0, this.IvSize); +- +- md5.Initialize(); +- temp = md5.ComputeHash(this.Context.RandomSC, 0, this.Context.RandomSC.Length); +- this.Context.ServerWriteIV = new byte[this.IvSize]; +- Buffer.BlockCopy(temp, 0, this.Context.ServerWriteIV, 0, this.IvSize); +- } +- else +- { +- this.Context.ClientWriteIV = CipherSuite.EmptyArray; +- this.Context.ServerWriteIV = CipherSuite.EmptyArray; +- } ++ this.Context.ClientWriteIV = CipherSuite.EmptyArray; ++ this.Context.ServerWriteIV = CipherSuite.EmptyArray; + } + + DebugHelper.WriteLine(">>>> KeyBlock", keyBlock.ToArray()); +Index: mono-2.10.8.1/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs +=================================================================== +--- mono-2.10.8.1.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs 2015-03-20 14:29:51.076945793 -0400 ++++ mono-2.10.8.1/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs 2015-03-20 14:29:51.072945758 -0400 +@@ -228,19 +228,11 @@ + // Send ServerCertificate message + this.protocol.SendRecord(HandshakeType.Certificate); + +- // If the negotiated cipher is a KeyEx cipher send ServerKeyExchange +- if (this.context.Negotiating.Cipher.IsExportable) +- { +- this.protocol.SendRecord(HandshakeType.ServerKeyExchange); +- } +- + bool certRequested = false; + +- // If the negotiated cipher is a KeyEx cipher or +- // the client certificate is required send the CertificateRequest message +- if (this.context.Negotiating.Cipher.IsExportable || +- ((ServerContext)this.context).ClientCertificateRequired || +- ((ServerContext)this.context).RequestClientCertificate) ++ // If the client certificate is required send the CertificateRequest message ++ if (((ServerContext)this.context).ClientCertificateRequired || ++ ((ServerContext)this.context).RequestClientCertificate) + { + this.protocol.SendRecord(HandshakeType.CertificateRequest); + certRequested = true; +Index: mono-2.10.8.1/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs +=================================================================== +--- mono-2.10.8.1.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs 2015-03-20 14:29:51.076945793 -0400 ++++ mono-2.10.8.1/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs 2015-03-20 14:29:51.072945758 -0400 +@@ -118,45 +118,15 @@ + this.Context.ClientWriteKey = keyBlock.ReadBytes(this.KeyMaterialSize); + this.Context.ServerWriteKey = keyBlock.ReadBytes(this.KeyMaterialSize); + +- if (!this.IsExportable) ++ if (this.IvSize != 0) + { +- if (this.IvSize != 0) +- { +- this.Context.ClientWriteIV = keyBlock.ReadBytes(this.IvSize); +- this.Context.ServerWriteIV = keyBlock.ReadBytes(this.IvSize); +- } +- else +- { +- this.Context.ClientWriteIV = CipherSuite.EmptyArray; +- this.Context.ServerWriteIV = CipherSuite.EmptyArray; +- } ++ this.Context.ClientWriteIV = keyBlock.ReadBytes(this.IvSize); ++ this.Context.ServerWriteIV = keyBlock.ReadBytes(this.IvSize); + } + else + { +- // Generate final write keys +- byte[] finalClientWriteKey = PRF(this.Context.ClientWriteKey, "client write key", this.Context.RandomCS, this.ExpandedKeyMaterialSize); +- byte[] finalServerWriteKey = PRF(this.Context.ServerWriteKey, "server write key", this.Context.RandomCS, this.ExpandedKeyMaterialSize); +- +- this.Context.ClientWriteKey = finalClientWriteKey; +- this.Context.ServerWriteKey = finalServerWriteKey; +- +- if (this.IvSize > 0) +- { +- // Generate IV block +- byte[] ivBlock = PRF(CipherSuite.EmptyArray, "IV block", this.Context.RandomCS, this.IvSize*2); +- +- // Generate IV keys +- this.Context.ClientWriteIV = new byte[this.IvSize]; +- Buffer.BlockCopy(ivBlock, 0, this.Context.ClientWriteIV, 0, this.Context.ClientWriteIV.Length); +- +- this.Context.ServerWriteIV = new byte[this.IvSize]; +- Buffer.BlockCopy(ivBlock, this.IvSize, this.Context.ServerWriteIV, 0, this.Context.ServerWriteIV.Length); +- } +- else +- { +- this.Context.ClientWriteIV = CipherSuite.EmptyArray; +- this.Context.ServerWriteIV = CipherSuite.EmptyArray; +- } ++ this.Context.ClientWriteIV = CipherSuite.EmptyArray; ++ this.Context.ServerWriteIV = CipherSuite.EmptyArray; + } + + DebugHelper.WriteLine(">>>> KeyBlock", keyBlock.ToArray()); diff -Nru mono-2.10.8.1/debian/patches/CVE-2015-2320.patch mono-2.10.8.1/debian/patches/CVE-2015-2320.patch --- mono-2.10.8.1/debian/patches/CVE-2015-2320.patch 1970-01-01 00:00:00.000000000 +0000 +++ mono-2.10.8.1/debian/patches/CVE-2015-2320.patch 2015-03-20 18:30:06.000000000 +0000 @@ -0,0 +1,201 @@ +From b371da6b2d68b4cdd0f21d6342af6c42794f998b Mon Sep 17 00:00:00 2001 +From: Sebastien Pouliot +Date: Fri, 6 Mar 2015 10:34:59 -0500 +Subject: [PATCH] Remove the client-side SSLv2 fallback. + + There's almost no SSLv3 web site left so a v2 fallback is only extra + code we do not need to carry forward. +--- + .../Mono.Security.Protocol.Tls/RecordProtocol.cs | 169 +-------------------- + 1 file changed, 1 insertion(+), 168 deletions(-) + +Index: mono-2.10.8.1/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs +=================================================================== +--- mono-2.10.8.1.orig/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs 2015-03-20 14:30:02.745045205 -0400 ++++ mono-2.10.8.1/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs 2015-03-20 14:30:02.745045205 -0400 +@@ -444,87 +444,11 @@ + + private byte[] ReadRecordBuffer (int contentType, Stream record) + { +- switch (contentType) +- { +- case 0x80: +- return this.ReadClientHelloV2(record); +- +- default: +- if (!Enum.IsDefined(typeof(ContentType), (ContentType)contentType)) +- { +- throw new TlsException(AlertDescription.DecodeError); +- } +- return this.ReadStandardRecordBuffer(record); +- } +- } +- +- private byte[] ReadClientHelloV2 (Stream record) +- { +- int msgLength = record.ReadByte (); +- // process further only if the whole record is available +- if (record.CanSeek && (msgLength + 1 > record.Length)) +- { +- return null; +- } +- +- byte[] message = new byte[msgLength]; +- record.Read (message, 0, msgLength); +- +- int msgType = message [0]; +- if (msgType != 1) +- { +- throw new TlsException(AlertDescription.DecodeError); +- } +- int protocol = (message [1] << 8 | message [2]); +- int cipherSpecLength = (message [3] << 8 | message [4]); +- int sessionIdLength = (message [5] << 8 | message [6]); +- int challengeLength = (message [7] << 8 | message [8]); +- int length = (challengeLength > 32) ? 32 : challengeLength; +- +- // Read CipherSpecs +- byte[] cipherSpecV2 = new byte[cipherSpecLength]; +- Buffer.BlockCopy (message, 9, cipherSpecV2, 0, cipherSpecLength); +- +- // Read session ID +- byte[] sessionId = new byte[sessionIdLength]; +- Buffer.BlockCopy (message, 9 + cipherSpecLength, sessionId, 0, sessionIdLength); +- +- // Read challenge ID +- byte[] challenge = new byte[challengeLength]; +- Buffer.BlockCopy (message, 9 + cipherSpecLength + sessionIdLength, challenge, 0, challengeLength); +- +- if (challengeLength < 16 || cipherSpecLength == 0 || (cipherSpecLength % 3) != 0) ++ if (!Enum.IsDefined(typeof(ContentType), (ContentType)contentType)) + { + throw new TlsException(AlertDescription.DecodeError); + } + +- // Updated the Session ID +- if (sessionId.Length > 0) +- { +- this.context.SessionId = sessionId; +- } +- +- // Update the protocol version +- this.Context.ChangeProtocol((short)protocol); +- +- // Select the Cipher suite +- this.ProcessCipherSpecV2Buffer(this.Context.SecurityProtocol, cipherSpecV2); +- +- // Updated the Client Random +- this.context.ClientRandom = new byte [32]; // Always 32 +- // 1. if challenge is bigger than 32 bytes only use the last 32 bytes +- // 2. right justify (0) challenge in ClientRandom if less than 32 +- Buffer.BlockCopy (challenge, challenge.Length - length, this.context.ClientRandom, 32 - length, length); +- +- // Set +- this.context.LastHandshakeMsg = HandshakeType.ClientHello; +- this.context.ProtocolNegotiated = true; +- +- return message; +- } +- +- private byte[] ReadStandardRecordBuffer (Stream record) +- { + byte[] header = new byte[4]; + if (record.Read (header, 0, 4) != 4) + throw new TlsException ("buffer underrun"); +@@ -888,96 +812,5 @@ + } + + #endregion +- +- #region CipherSpecV2 processing +- +- private void ProcessCipherSpecV2Buffer (SecurityProtocolType protocol, byte[] buffer) +- { +- TlsStream codes = new TlsStream(buffer); +- +- string prefix = (protocol == SecurityProtocolType.Ssl3) ? "SSL_" : "TLS_"; +- +- while (codes.Position < codes.Length) +- { +- byte check = codes.ReadByte(); +- +- if (check == 0) +- { +- // SSL/TLS cipher spec +- short code = codes.ReadInt16(); +- int index = this.Context.SupportedCiphers.IndexOf(code); +- if (index != -1) +- { +- this.Context.Negotiating.Cipher = this.Context.SupportedCiphers[index]; +- break; +- } +- } +- else +- { +- byte[] tmp = new byte[2]; +- codes.Read(tmp, 0, tmp.Length); +- +- int tmpCode = ((check & 0xff) << 16) | ((tmp[0] & 0xff) << 8) | (tmp[1] & 0xff); +- CipherSuite cipher = this.MapV2CipherCode(prefix, tmpCode); +- +- if (cipher != null) +- { +- this.Context.Negotiating.Cipher = cipher; +- break; +- } +- } +- } +- +- if (this.Context.Negotiating == null) +- { +- throw new TlsException(AlertDescription.InsuficientSecurity, "Insuficient Security"); +- } +- } +- +- private CipherSuite MapV2CipherCode(string prefix, int code) +- { +- try +- { +- switch (code) +- { +- case 65664: +- // TLS_RC4_128_WITH_MD5 +- return this.Context.SupportedCiphers[prefix + "RSA_WITH_RC4_128_MD5"]; +- +- case 131200: +- // TLS_RC4_128_EXPORT40_WITH_MD5 +- return this.Context.SupportedCiphers[prefix + "RSA_EXPORT_WITH_RC4_40_MD5"]; +- +- case 196736: +- // TLS_RC2_CBC_128_CBC_WITH_MD5 +- return this.Context.SupportedCiphers[prefix + "RSA_EXPORT_WITH_RC2_CBC_40_MD5"]; +- +- case 262272: +- // TLS_RC2_CBC_128_CBC_EXPORT40_WITH_MD5 +- return this.Context.SupportedCiphers[prefix + "RSA_EXPORT_WITH_RC2_CBC_40_MD5"]; +- +- case 327808: +- // TLS_IDEA_128_CBC_WITH_MD5 +- return null; +- +- case 393280: +- // TLS_DES_64_CBC_WITH_MD5 +- return null; +- +- case 458944: +- // TLS_DES_192_EDE3_CBC_WITH_MD5 +- return null; +- +- default: +- return null; +- } +- } +- catch +- { +- return null; +- } +- } +- +- #endregion + } + } diff -Nru mono-2.10.8.1/debian/patches/series mono-2.10.8.1/debian/patches/series --- mono-2.10.8.1/debian/patches/series 2012-07-24 17:28:59.000000000 +0000 +++ mono-2.10.8.1/debian/patches/series 2015-03-20 18:30:00.000000000 +0000 @@ -1,2 +1,7 @@ debian-changes CVE-2012-3382.patch +CVE-2011-0992.patch +CVE-2012-3543.patch +CVE-2015-2318.patch +CVE-2015-2319.patch +CVE-2015-2320.patch diff -Nru mono-2.10.8.1/debian/source/options mono-2.10.8.1/debian/source/options --- mono-2.10.8.1/debian/source/options 2012-03-23 05:45:36.000000000 +0000 +++ mono-2.10.8.1/debian/source/options 2015-03-20 18:27:21.000000000 +0000 @@ -1 +1 @@ -single-debian-patch +#single-debian-patch