Accepting request 232653 from Base:System

Fixed bug[ bnc#876282], CVE-2014-0198 openssl: OpenSSL NULL pointer dereference in do_ssl3_write; Add file: CVE-2014-0198.patch (forwarded request 232650 from shawn2012)

OBS-URL: https://build.opensuse.org/request/show/232653
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=115

CVE-2014-0198.patch

@@ -0,0 +1,15 @@
+Index: openssl-1.0.1g/ssl/s3_pkt.c
+===================================================================
+--- openssl-1.0.1g.orig/ssl/s3_pkt.c
++++ openssl-1.0.1g/ssl/s3_pkt.c
+@@ -657,6 +657,10 @@ static int do_ssl3_write(SSL *s, int typ
+ 		if (i <= 0)
+ 			return(i);
+ 		/* if it went, fall through and send more stuff */
++		/* we may have released our buffer, so get it again */
++		if (wb->buf == NULL)
++			if (!ssl3_setup_write_buffer(s))
++				return -1;
+ 		}
+ 
+ 	if (len == 0 && !create_empty_fragment)

openssl.changes

@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon May  5 06:45:19 UTC 2014 - citypw@gmail.com
+
+- Fixed bug[ bnc#876282], CVE-2014-0198 openssl: OpenSSL NULL pointer dereference in do_ssl3_write
+  Add file: CVE-2014-0198.patch
+
 -------------------------------------------------------------------
 Sun Apr 20 00:53:34 UTC 2014 - crrodriguez@opensuse.org
 

openssl.spec

@@ -67,6 +67,7 @@ Patch18:        openssl-1.0.1e-new-fips-reqs.patch
 Patch19:        openssl-gcc-attributes.patch
 Patch20:        openssl-buffreelistbug-aka-CVE-2010-5298.patch
 Patch21:        openssl-libssl-noweakciphers.patch
+Patch22:        CVE-2014-0198.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -175,6 +176,7 @@ this package's base documentation.
 %patch19 -p1
 %patch20 -p1
 %patch21 -p1
+%patch22 -p1
 cp -p %{S:10} .
 cp -p %{S:11} .
 echo "adding/overwriting some entries in the 'table' hash in Configure"