1 files changed, 31 insertions, 0 deletions
diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch b/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch
new file mode 100644
index 0000000000..2bb0626d99
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch
@@ -0,0 +1,31 @@
+From 964632f37dfdfb914ebc5e49db4fa29af35b1de9 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
+Date: Sat, 27 Aug 2016 17:00:22 +0200
+Subject: [PATCH] ocsp: corrected the comparison of the serial size in OCSP
+ response
+Previously the OCSP certificate check wouldn't verify the serial length
+and could succeed in cases it shouldn't.
+Reported by Stefan Buehler.
+Upstream-Status: Backport
+CVE: CVE-2016-7444
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+---
+ lib/x509/ocsp.c | 1 +
+ 1 file changed, 1 insertion(+)
+Index: gnutls-3.3.17.1/lib/x509/ocsp.c
+===================================================================
+--- gnutls-3.3.17.1.orig/lib/x509/ocsp.c
+++ gnutls-3.3.17.1/lib/x509/ocsp.c
+@@ -1257,6 +1257,7 @@ gnutls_ocsp_resp_check_crt(gnutls_ocsp_r
+                gnutls_assert();
+                goto cleanup;
+        }
+       cserial.size = t;
+ 
+        if (rserial.size != cserial.size
+            || memcmp(cserial.data, rserial.data, rserial.size) != 0) {

diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch b/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch new file mode 100644 index 0000000000..2bb0626d99 --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch
@@ -0,0 +1,31 @@
	1	From 964632f37dfdfb914ebc5e49db4fa29af35b1de9 Mon Sep 17 00:00:00 2001
	2	From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
	3	Date: Sat, 27 Aug 2016 17:00:22 +0200
	4	Subject: [PATCH] ocsp: corrected the comparison of the serial size in OCSP
	5	response
	6
	7	Previously the OCSP certificate check wouldn't verify the serial length
	8	and could succeed in cases it shouldn't.
	9
	10	Reported by Stefan Buehler.
	11
	12	Upstream-Status: Backport
	13	CVE: CVE-2016-7444
	14	Signed-off-by: Armin Kuster <akuster@mvista.com>
	15
	16	---
	17	lib/x509/ocsp.c \| 1 +
	18	1 file changed, 1 insertion(+)
	19
	20	Index: gnutls-3.3.17.1/lib/x509/ocsp.c
	21	===================================================================
	22	--- gnutls-3.3.17.1.orig/lib/x509/ocsp.c
	23	+++ gnutls-3.3.17.1/lib/x509/ocsp.c
	24	@@ -1257,6 +1257,7 @@ gnutls_ocsp_resp_check_crt(gnutls_ocsp_r
	25	gnutls_assert();
	26	goto cleanup;
	27	}
	28	+ cserial.size = t;
	29
	30	if (rserial.size != cserial.size
	31	\|\| memcmp(cserial.data, rserial.data, rserial.size) != 0) {