main/openssl: security fix to CVE-2014-0198

ref #2916
author: Timo Teräs <timo.teras@iki.fi> 2014-05-29 15:41:53 +0300
committer: Timo Teräs <timo.teras@iki.fi> 2014-05-29 15:42:27 +0300
commit: 5b76f90f8063484f2aac02ab411ecfe67008538d (patch)
tree: bda1d15a714c7170fb35eda02b80a80fd49bdf56 /main/openssl
parent: 1a9a0430790d7829d9ee53e0fbc17dbe6c7a6b69 (diff)
download: aports-5b76f90f8063484f2aac02ab411ecfe67008538d.tar.bz2
aports-5b76f90f8063484f2aac02ab411ecfe67008538d.tar.xz
2 files changed, 42 insertions, 1 deletions
diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index 0bc902b02b..90eb0ce03f 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Timo Teras <timo.teras@iki.fi>
 pkgname=openssl
 pkgver=1.0.1g
-pkgrel=2
+pkgrel=3
 pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
 url="http://openssl.org"
 depends=
@@ -15,6 +15,7 @@ license="openssl"
 subpackages="$pkgname-dev $pkgname-doc libcrypto1.0:libcrypto libssl1.0:libssl"
 
 source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
+	CVE-2014-0198.patch
 	fix-manpages.patch
 	openssl-bb-basename.patch
 	0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
@@ -122,6 +123,7 @@ libssl() {
 }
 
 md5sums="de62b43dfcd858e66a74bee1c834e959  openssl-1.0.1g.tar.gz
+bede51cf4d58b63baee73191ac292f6d  CVE-2014-0198.patch
 115c481cd59b3dba631364e8fb1778f5  fix-manpages.patch
 c6a9857a5dbd30cead0404aa7dd73977  openssl-bb-basename.patch
 ddb5fc155145d5b852425adaec32234d  0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
@@ -137,6 +139,7 @@ efec1bce615256961b1756e575ee1d0a  fix-default-apps-capath.patch
 b7f2421187ae2b4c7e424cda2022d41d  abi-compat-no-freelists.patch
 148545f22ee15fc737b35768be4aa0cf  fix-use-after-free-without-freelist.patch"
 sha256sums="53cb818c3b90e507a8348f4f5eaedb05d8bfe5358aabb508b7263cc670c3e028  openssl-1.0.1g.tar.gz
+845973d589d087b720f7a328b2298e87307fd9218830c9b1b3e31ad7a1278d73  CVE-2014-0198.patch
 fe844e21b2c42da2d8e9c89350211d70c0829f45532b89b7e492bfde589ee7ed  fix-manpages.patch
 82863c2fed659a7186c7f3905a1853b8bd8060350ad101ce159fa7e7d2ba27e8  openssl-bb-basename.patch
 18dd81fefb39b3328a444774ed10871ed50348ca171d2da9f826f916127b2dae  0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
@@ -152,6 +155,7 @@ bd56e5fe1b6fe594ab93f34d25fef0b7372633bad8532f81da998f3e6655d221  openssl-1.0.1-
 41c7c1e5bea7f7e0ccc59203a48f097948627d72fcf87f943fcfe8c14b4069a2  abi-compat-no-freelists.patch
 5dd2b8c2d86b6859e8dd34f27924bb251ba0f64856c49edff351c18941483a52  fix-use-after-free-without-freelist.patch"
 sha512sums="66ebbad3c8ad98a07b486d39d0c3ae62b00133f8f2877cf8b97c461e7c7f40b29cf9c3cae82cf73a92dcf1daa63d33aa76c910fbcbe60158589fc7cb48f41e6d  openssl-1.0.1g.tar.gz
+fbd399f406fd6decdfa14a9457e969a939f49c71fc9b9b33d8ff40705a49732a10fa6aa0a5a015106ee9b3ee95aee9db1bf06839f1487961200f7f95fa954d93  CVE-2014-0198.patch
 880411d56da49946d24328445728367e0bf13b0fd47954971514bee8cd5613a038ad8aeaf68da2c92f4634deb022febd7b3e37f9bbfc5d2c9c8b3b5ffd971407  fix-manpages.patch
 6c4f4b0c1b606b3e5a8175618c4398923392f9c25ad8d3f5b65b0424fe51e104c4f456d2da590d9f572382225ab320278e88db1585790092450cad60a02819a5  openssl-bb-basename.patch
 ea282b09d4692a29e5a554e19b0798fa921717d4892decc68cba92cad11e85e4064d8ac78d98f6fa8bb45c65fdd1a5d1a6f6755e53102d520e9d8b807c3a7822  0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
diff --git a/main/openssl/CVE-2014-0198.patch b/main/openssl/CVE-2014-0198.patch
new file mode 100644
index 0000000000..c473719551
--- /dev/null
+++ b/main/openssl/CVE-2014-0198.patch
@@ -0,0 +1,37 @@
+From b107586c0c3447ea22dba8698ebbcd81bb29d48c Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Mon, 12 May 2014 00:38:37 +0100
+Subject: [PATCH] Fixed NULL pointer dereference. See PR#3321
+
+---
+ ssl/s3_pkt.c |    7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
+index 40eb0dd..d961d12 100644
+--- a/ssl/s3_pkt.c
++++ b/ssl/s3_pkt.c
+@@ -657,9 +657,6 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
+ 	SSL3_BUFFER *wb=&(s->s3->wbuf);
+ 	SSL_SESSION *sess;
+ 
+- 	if (wb->buf == NULL)
+-		if (!ssl3_setup_write_buffer(s))
+-			return -1;
+ 
+ 	/* first check if there is a SSL3_BUFFER still being written
+ 	 * out.  This will happen with non blocking IO */
+@@ -675,6 +672,10 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
+ 		/* if it went, fall through and send more stuff */
+ 		}
+ 
++ 	if (wb->buf == NULL)
++		if (!ssl3_setup_write_buffer(s))
++			return -1;
++
+ 	if (len == 0 && !create_empty_fragment)
+ 		return 0;
+ 
+-- 
+1.7.9.5
+
author	Timo Teräs <timo.teras@iki.fi>	2014-05-29 15:41:53 +0300
committer	Timo Teräs <timo.teras@iki.fi>	2014-05-29 15:42:27 +0300
commit	5b76f90f8063484f2aac02ab411ecfe67008538d (patch)
tree	bda1d15a714c7170fb35eda02b80a80fd49bdf56 /main/openssl
parent	1a9a0430790d7829d9ee53e0fbc17dbe6c7a6b69 (diff)
download	aports-5b76f90f8063484f2aac02ab411ecfe67008538d.tar.bz2 aports-5b76f90f8063484f2aac02ab411ecfe67008538d.tar.xz