From 84e854a5134cc38dd29d2a0b9adb38985ffc9927b5b0f585148e1d6b9700df54 Mon Sep 17 00:00:00 2001 From: Sascha Peilicke Date: Tue, 15 Mar 2011 08:28:50 +0000 Subject: [PATCH] Accepting request 63797 from Base:System Accepted submit request 63797 from user coolo OBS-URL: https://build.opensuse.org/request/show/63797 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=50
---
 CVE-2011-0014.patch | 28 ++++++++++++++++++++++++++++
 openssl.changes | 6 ++++++
 openssl.spec | 2 ++
 3 files changed, 36 insertions(+)
 create mode 100644 CVE-2011-0014.patch
diff --git a/CVE-2011-0014.patch b/CVE-2011-0014.patch
new file mode 100644
index 0000000..ac65f0e
--- /dev/null
+++ b/CVE-2011-0014.patch
@@ -0,0 +1,28 @@
+Index: openssl-1.0.0c/ssl/t1_lib.c
+===================================================================
+--- openssl-1.0.0c.orig/ssl/t1_lib.c
++++ openssl-1.0.0c/ssl/t1_lib.c
+@@ -917,6 +917,7 @@ int ssl_parse_clienthello_tlsext(SSL *s,
+ }
+ n2s(data, idsize);
+ dsize -= 2 + idsize;
++ size -= 2 + idsize;
+ if (dsize < 0)
+ {
+ *al = SSL_AD_DECODE_ERROR;
+@@ -955,9 +956,14 @@ int ssl_parse_clienthello_tlsext(SSL *s,
+ }
+
+ /* Read in request_extensions */
++ if (size < 2)
++ {
++ *al = SSL_AD_DECODE_ERROR;
++ return 0;
++ }
+ n2s(data,dsize);
+ size -= 2;
+- if (dsize > size)
++ if (dsize != size)
+ {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
diff --git a/openssl.changes b/openssl.changes
index b620071..6e33d06 100644
--- a/openssl.changes
+++ b/openssl.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Feb 10 07:42:01 UTC 2011 - gjhe@novell.com
+
+- fix bug [bnc#670526]
+ CVE-2011-0014,OCSP stapling vulnerability
+
 -------------------------------------------------------------------
 Sat Jan 15 19:58:51 UTC 2011 - cristian.rodriguez@opensuse.org
 
diff --git a/openssl.spec b/openssl.spec
index 50c95ca..899934b 100644
--- a/openssl.spec
+++ b/openssl.spec
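Review bot: The new CVE-2011-0014.patch opens directly with `Index: openssl-1.0.0c/ssl/t1_lib.c` and carries no header, so the package does not record which upstream change it was taken from or when it can be dropped; a short leading comment naming CVE-2011-0014, bnc#670526 and the upstream commit (`<upstream-commit-id>`) would make the next version bump auditable. In the second inner hunk the test moves from `dsize > size` to `dsize != size`, which is stricter than a bounds check because it rejects any status_request whose request_extensions length does not use up the rest of the extension exactly; a comment such as `/* request_extensions must consume the remainder of the extension */` above it would record that this is intended. Whether `size` can drop below zero or wrap at the added `size -= 2 + idsize;` depends on its type and on a bound established before the loop, both outside the hunks; the `dsize < 0` test that follows covers it only if `dsize <= size` holds on loop entry, so that is worth confirming against the full ssl_parse_clienthello_tlsext body.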
@@ -49,6 +49,7 @@ Patch2: bug610223.patch
 #Patch5: CVE-2010-2939.patch
 #Patch6: CVE-2010-3864.patch
 Patch7: openssl-1.0.0b-aesni.patch
+Patch8: CVE-2011-0014.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -183,6 +184,7 @@ Authors:
 #%patch5 -p1
 #%patch6 -p1
 %patch7 -p1
+%patch8 -p1
 cp -p %{S:10} .
 echo "adding/overwriting some entries in the 'table' hash in Configure"
 # $dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags