diff --git a/CVE-2014-0198.patch b/CVE-2014-0198.patch
new file mode 100644
index 0000000..68c82d0
--- /dev/null
+++ b/CVE-2014-0198.patch
@@ -0,0 +1,15 @@
+Index: openssl-1.0.1g/ssl/s3_pkt.c
+===================================================================
+--- openssl-1.0.1g.orig/ssl/s3_pkt.c
++++ openssl-1.0.1g/ssl/s3_pkt.c
+@@ -657,6 +657,10 @@ static int do_ssl3_write(SSL *s, int typ
+ 		if (i <= 0)
+ 			return(i);
+ 		/* if it went, fall through and send more stuff */
++		/* we may have released our buffer, so get it again */
++		if (wb->buf == NULL)
++			if (!ssl3_setup_write_buffer(s))
++				return -1;
+ 		}
+ 
+ 	if (len == 0 && !create_empty_fragment)
diff --git a/openssl.changes b/openssl.changes
index ce1fd41..7608765 100644
--- a/openssl.changes
+++ b/openssl.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon May  5 06:45:19 UTC 2014 - citypw@gmail.com
+
+- Fixed bug[ bnc#876282], CVE-2014-0198 openssl: OpenSSL NULL pointer dereference in do_ssl3_write
+  Add file: CVE-2014-0198.patch
+
 -------------------------------------------------------------------
 Sun Apr 20 00:53:34 UTC 2014 - crrodriguez@opensuse.org
 
diff --git a/openssl.spec b/openssl.spec
index 329fd38..fbf586d 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -67,6 +67,7 @@ Patch18:        openssl-1.0.1e-new-fips-reqs.patch
 Patch19:        openssl-gcc-attributes.patch
 Patch20:        openssl-buffreelistbug-aka-CVE-2010-5298.patch
 Patch21:        openssl-libssl-noweakciphers.patch
+Patch22:        CVE-2014-0198.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -175,6 +176,7 @@ this package's base documentation.
 %patch19 -p1
 %patch20 -p1
 %patch21 -p1
+%patch22 -p1
 cp -p %{S:10} .
 cp -p %{S:11} .
 echo "adding/overwriting some entries in the 'table' hash in Configure"