1 files changed, 66 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/0005-nedded-for-CVE-2014-8275.patch b/meta/recipes-connectivity/openssl/openssl/0005-nedded-for-CVE-2014-8275.patch
new file mode 100644
index 0000000000..7143ee7d2e
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/0005-nedded-for-CVE-2014-8275.patch
@@ -0,0 +1,66 @@
+From 5a1e8c67a90aead86ccc2dda324e8f897d1a044d Mon Sep 17 00:00:00 2001
+From: Kurt Roeckx <kurt@roeckx.be>
+Date: Mon, 15 Dec 2014 17:15:16 +0100
+Subject: [PATCH] Return error when a bit string indicates an invalid amount of
+ bits left
+Reviewed-by: Matt Caswell <matt@openssl.org>
+Upstream-Status: Backport
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ crypto/asn1/a_bitstr.c | 7 ++++++-
+ crypto/asn1/asn1.h     | 1 +
+ crypto/asn1/asn1_err.c | 1 +
+ 3 files changed, 8 insertions(+), 1 deletion(-)
+diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
+index 0cb899f..4ca4a56 100644
+--- a/crypto/asn1/a_bitstr.c
+++ b/crypto/asn1/a_bitstr.c
+@@ -136,11 +136,16 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
+ 
+        p= *pp;
+        i= *(p++);
+       if (i > 7)
+               {
+               i=ASN1_R_INVALID_BIT_STRING_BITS_LEFT;
+               goto err;
+               }
+        /* We do this to preserve the settings.  If we modify
+         * the settings, via the _set_bit function, we will recalculate
+         * on output */
+        ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
+-       ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */
+       ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|i); /* set */
+ 
+        if (len-- > 1) /* using one because of the bits left byte */
+                {
+diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
+index ed1a28a..37adcb3 100644
+--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
+@@ -1350,6 +1350,7 @@ void ERR_load_ASN1_strings(void);
+ #define ASN1_R_ILLEGAL_TIME_VALUE                       184
+ #define ASN1_R_INTEGER_NOT_ASCII_FORMAT                         185
+ #define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG               128
+#define ASN1_R_INVALID_BIT_STRING_BITS_LEFT             220
+ #define ASN1_R_INVALID_BMPSTRING_LENGTH                         129
+ #define ASN1_R_INVALID_DIGIT                            130
+ #define ASN1_R_INVALID_MIME_TYPE                        205
+diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
+index 0217049..6eb47f7 100644
+--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
+@@ -249,6 +249,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
+ {ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE)   ,"illegal time value"},
+ {ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT),"integer not ascii format"},
+ {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"},
+{ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT),"invalid bit string bits left"},
+ {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"},
+ {ERR_REASON(ASN1_R_INVALID_DIGIT)        ,"invalid digit"},
+ {ERR_REASON(ASN1_R_INVALID_MIME_TYPE)    ,"invalid mime type"},
+-- 
+1.9.1

diff --git a/meta/recipes-connectivity/openssl/openssl/0005-nedded-for-CVE-2014-8275.patch b/meta/recipes-connectivity/openssl/openssl/0005-nedded-for-CVE-2014-8275.patch new file mode 100644 index 0000000000..7143ee7d2e --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/0005-nedded-for-CVE-2014-8275.patch
@@ -0,0 +1,66 @@
	1	From 5a1e8c67a90aead86ccc2dda324e8f897d1a044d Mon Sep 17 00:00:00 2001
	2	From: Kurt Roeckx <kurt@roeckx.be>
	3	Date: Mon, 15 Dec 2014 17:15:16 +0100
	4	Subject: [PATCH] Return error when a bit string indicates an invalid amount of
	5	bits left
	6
	7	Reviewed-by: Matt Caswell <matt@openssl.org>
	8
	9	Upstream-Status: Backport
	10
	11	Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
	12	---
	13	crypto/asn1/a_bitstr.c \| 7 ++++++-
	14	crypto/asn1/asn1.h \| 1 +
	15	crypto/asn1/asn1_err.c \| 1 +
	16	3 files changed, 8 insertions(+), 1 deletion(-)
	17
	18	diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
	19	index 0cb899f..4ca4a56 100644
	20	--- a/crypto/asn1/a_bitstr.c
	21	+++ b/crypto/asn1/a_bitstr.c
	22	@@ -136,11 +136,16 @@ ASN1_BIT_STRING c2i_ASN1_BIT_STRING(ASN1_BIT_STRING *a,
	23
	24	p= *pp;
	25	i= *(p++);
	26	+ if (i > 7)
	27	+ {
	28	+ i=ASN1_R_INVALID_BIT_STRING_BITS_LEFT;
	29	+ goto err;
	30	+ }
	31	/* We do this to preserve the settings. If we modify
	32	* the settings, via the _set_bit function, we will recalculate
	33	* on output */
	34	ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT\|0x07); /* clear */
	35	- ret->flags\|=(ASN1_STRING_FLAG_BITS_LEFT\|(i&0x07)); /* set */
	36	+ ret->flags\|=(ASN1_STRING_FLAG_BITS_LEFT\|i); /* set */
	37
	38	if (len-- > 1) /* using one because of the bits left byte */
	39	{
	40	diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
	41	index ed1a28a..37adcb3 100644
	42	--- a/crypto/asn1/asn1.h
	43	+++ b/crypto/asn1/asn1.h
	44	@@ -1350,6 +1350,7 @@ void ERR_load_ASN1_strings(void);
	45	#define ASN1_R_ILLEGAL_TIME_VALUE 184
	46	#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
	47	#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
	48	+#define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
	49	#define ASN1_R_INVALID_BMPSTRING_LENGTH 129
	50	#define ASN1_R_INVALID_DIGIT 130
	51	#define ASN1_R_INVALID_MIME_TYPE 205
	52	diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
	53	index 0217049..6eb47f7 100644
	54	--- a/crypto/asn1/asn1_err.c
	55	+++ b/crypto/asn1/asn1_err.c
	56	@@ -249,6 +249,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
	57	{ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE) ,"illegal time value"},
	58	{ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT),"integer not ascii format"},
	59	{ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"},
	60	+{ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT),"invalid bit string bits left"},
	61	{ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"},
	62	{ERR_REASON(ASN1_R_INVALID_DIGIT) ,"invalid digit"},
	63	{ERR_REASON(ASN1_R_INVALID_MIME_TYPE) ,"invalid mime type"},
	64	--
	65	1.9.1
	66