Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=139d9b72c51627624c0c1f1bfd56a5bfd5901388

commit 139d9b72c51627624c0c1f1bfd56a5bfd5901388
Author: kikadf <[email protected]>
Date:   Mon May 5 18:02:30 2014 +0200

openssl-1.0.1-8-x86_64

* Fix CVE-2014-0198

diff --git a/source/base/openssl/CVE-2014-0198.patch 
b/source/base/openssl/CVE-2014-0198.patch
new file mode 100644
index 0000000..f8e3444
--- /dev/null
+++ b/source/base/openssl/CVE-2014-0198.patch
@@ -0,0 +1,19 @@
+Description: fix denial of service via null pointer dereference
+Origin: vendor, 
http://anoncvs.estpak.ee/cgi-bin/cgit/openbsd-src/commit/lib/libssl?id=e76e308f1fab2253ab5b4ef52a1865c5ffecdf21
+Bug: http://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321
+
+Index: openssl-1.0.1f/ssl/s3_pkt.c
+===================================================================
+--- openssl-1.0.1f.orig/ssl/s3_pkt.c   2014-05-02 15:00:28.216467809 -0400
++++ openssl-1.0.1f/ssl/s3_pkt.c        2014-05-02 15:02:06.192469397 -0400
+@@ -657,6 +657,10 @@
+               if (i <= 0)
+                       return(i);
+               /* if it went, fall through and send more stuff */
++              /* we may have released our buffer, so get it again */
++              if (wb->buf == NULL)
++                      if (!ssl3_setup_write_buffer(s))
++                              return -1;
+               }
+
+       if (len == 0 && !create_empty_fragment)
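Review bot: The embedded patch was generated against openssl-1.0.1f (its `Index:` line and `---`/`+++` paths), while the FrugalBuild in this commit builds 1.0.1 with `pkgextraver=g`, so the `@@ -657,6 +657,10 @@` offset may not match and the hunk could apply with fuzz. The fix only helps if the `if (wb->buf == NULL)` re-check lands directly after the `if (i <= 0) return(i);` test and before the `len == 0` check, so the patched ssl/s3_pkt.c should be inspected once after the build's patch step. The enclosing function starts and ends outside the hunk. The `Description:` header could also state when the write buffer gets released (presumably only with `SSL_MODE_RELEASE_BUFFERS` set, going by the added comment), so that readers can judge their exposure.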
diff --git a/source/base/openssl/FrugalBuild b/source/base/openssl/FrugalBuild
index 957adac..d46aab7 100644
--- a/source/base/openssl/FrugalBuild
+++ b/source/base/openssl/FrugalBuild
@@ -5,7 +5,7 @@
pkgname=openssl
pkgver=1.0.1
pkgextraver=g
-pkgrel=7
+pkgrel=8
pkgdesc="The Open Source toolkit for Secure Sockets Layer and Transport Layer 
Security"
url="http://www.openssl.org/source/";
groups=('base' 'chroot-core')
@@ -18,8 +18,8 @@ source=($url$pkgname-$pkgver$pkgextraver.tar.gz \
signatures=("$source.asc" '' '')

# FSA fix ***
-source=(${source[@]} CVE-2010-5298.patch)
-signatures=(${signatures[@]} '')
+source=(${source[@]} CVE-2010-5298.patch CVE-2014-0198.patch)
+signatures=(${signatures[@]} '' '')
# ***********

build()
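Review bot: Nothing visible here shows CVE-2014-0198.patch actually being applied, because `build()` begins on the last line of the hunk and its body is outside it. Confirm that the build step applies every patch listed in `source` with a strip level of 1, since the patch uses `openssl-1.0.1f.orig/ssl/s3_pkt.c` style paths; otherwise release 8 would ship unpatched. The `signatures` array is kept positionally aligned with `source` by the extra `''`, which is easy to get wrong on the next addition, so a short comment such as `# one '' per unsigned local patch, same order as source` would help. The expansions would also be more robust quoted: `source=("${source[@]}" CVE-2010-5298.patch CVE-2014-0198.patch)`.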