From 191f308eaf1873eb793cade1608d513d91f174874471c76ea267e68a4446ff1c Mon Sep 17 00:00:00 2001 From: Stephan Kulow Date: Tue, 6 May 2014 11:39:32 +0000 Subject: [PATCH] Accepting request 232653 from Base:System Fixed bug[ bnc#876282], CVE-2014-0198 openssl: OpenSSL NULL pointer dereference in do_ssl3_write; Add file: CVE-2014-0198.patch (forwarded request 232650 from shawn2012) OBS-URL: https://build.opensuse.org/request/show/232653 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=115 --- CVE-2014-0198.patch | 15 +++++++++++++++ openssl.changes | 6 ++++++ openssl.spec | 2 ++ 3 files changed, 23 insertions(+) create mode 100644 CVE-2014-0198.patch diff --git a/CVE-2014-0198.patch b/CVE-2014-0198.patch new file mode 100644 index 0000000..68c82d0 --- /dev/null +++ b/CVE-2014-0198.patch @@ -0,0 +1,15 @@ +Index: openssl-1.0.1g/ssl/s3_pkt.c +=================================================================== +--- openssl-1.0.1g.orig/ssl/s3_pkt.c ++++ openssl-1.0.1g/ssl/s3_pkt.c +@@ -657,6 +657,10 @@ static int do_ssl3_write(SSL *s, int typ + if (i <= 0) + return(i); + /* if it went, fall through and send more stuff */ ++ /* we may have released our buffer, so get it again */ ++ if (wb->buf == NULL) ++ if (!ssl3_setup_write_buffer(s)) ++ return -1; + } + + if (len == 0 && !create_empty_fragment) diff --git a/openssl.changes b/openssl.changes index ce1fd41..7608765 100644 --- a/openssl.changes +++ b/openssl.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Mon May 5 06:45:19 UTC 2014 - citypw@gmail.com + +- Fixed bug[ bnc#876282], CVE-2014-0198 openssl: OpenSSL NULL pointer dereference in do_ssl3_write + Add file: CVE-2014-0198.patch + ------------------------------------------------------------------- Sun Apr 20 00:53:34 UTC 2014 - crrodriguez@opensuse.org diff --git a/openssl.spec b/openssl.spec index 329fd38..fbf586d 100644 --- a/openssl.spec +++ b/openssl.spec @@ -67,6 +67,7 @@ Patch18: openssl-1.0.1e-new-fips-reqs.patch Patch19: openssl-gcc-attributes.patch Patch20: openssl-buffreelistbug-aka-CVE-2010-5298.patch Patch21: openssl-libssl-noweakciphers.patch +Patch22: CVE-2014-0198.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -175,6 +176,7 @@ this package's base documentation. %patch19 -p1 %patch20 -p1 %patch21 -p1 +%patch22 -p1 cp -p %{S:10} . cp -p %{S:11} . echo "adding/overwriting some entries in the 'table' hash in Configure"