Hello community,

here is the log from the commit of package openssl for openSUSE:Factory checked 
in at 2014-05-06 13:39:32
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openssl (Old)
 and      /work/SRC/openSUSE:Factory/.openssl.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "openssl"

Changes:
--------
--- /work/SRC/openSUSE:Factory/openssl/openssl.changes  2014-04-26 
17:01:46.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.openssl.new/openssl.changes     2014-05-06 
13:39:37.000000000 +0200
@@ -1,0 +2,6 @@
+Mon May  5 06:45:19 UTC 2014 - [email protected]
+
+- Fixed bug[ bnc#876282], CVE-2014-0198 openssl: OpenSSL NULL pointer 
dereference in do_ssl3_write
+  Add file: CVE-2014-0198.patch
+
+-------------------------------------------------------------------
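Review bot: The bug reference in the new changelog entry is malformed: "Fixed bug[ bnc#876282]," has the opening bracket attached to "bug" and a stray space inside it. Write it as "Fixed bug [bnc#876282]," so the reference reads cleanly, and keep the CVE-2014-0198 description on the same entry line as the reference.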

New:
----
  CVE-2014-0198.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ openssl.spec ++++++
--- /var/tmp/diff_new_pack.uvgYfL/_old  2014-05-06 13:39:38.000000000 +0200
+++ /var/tmp/diff_new_pack.uvgYfL/_new  2014-05-06 13:39:38.000000000 +0200
@@ -67,6 +67,7 @@
 Patch19:        openssl-gcc-attributes.patch
 Patch20:        openssl-buffreelistbug-aka-CVE-2010-5298.patch
 Patch21:        openssl-libssl-noweakciphers.patch
+Patch22:        CVE-2014-0198.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
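Review bot: The new Patch22 file name, CVE-2014-0198.patch, breaks the naming pattern of the entries directly above it, which all carry an "openssl-" prefix (for example openssl-buffreelistbug-aka-CVE-2010-5298.patch). Consider a name such as openssl-CVE-2014-0198.patch so the security patches sort and grep together; the "New:" file list and the changelog line would need the same name.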
@@ -175,6 +176,7 @@
 %patch19 -p1
 %patch20 -p1
 %patch21 -p1
+%patch22 -p1
 cp -p %{S:10} .
 cp -p %{S:11} .
 echo "adding/overwriting some entries in the 'table' hash in Configure"

++++++ CVE-2014-0198.patch ++++++
Index: openssl-1.0.1g/ssl/s3_pkt.c
===================================================================
--- openssl-1.0.1g.orig/ssl/s3_pkt.c
+++ openssl-1.0.1g/ssl/s3_pkt.c
@@ -657,6 +657,10 @@ static int do_ssl3_write(SSL *s, int typ
                if (i <= 0)
                        return(i);
                /* if it went, fall through and send more stuff */
+               /* we may have released our buffer, so get it again */
+               if (wb->buf == NULL)
+                       if (!ssl3_setup_write_buffer(s))
+                               return -1;
                }
 
        if (len == 0 && !create_empty_fragment)
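Review bot: The added nested if in do_ssl3_write has no braces around the outer statement, which is easy to misread and fragile if an else is ever attached; fold it into one condition, "if (wb->buf == NULL && !ssl3_setup_write_buffer(s)) return -1;". The new comment says only that the buffer "may have" been released, so it would help to name what releases it before this point. It is also worth confirming that returning a bare -1 here leaves an error recorded for the caller, since the path just above returns i instead.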

