1 files changed, 39 insertions, 0 deletions
diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p1.patch b/meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p1.patch
new file mode 100644
index 0000000000..823869e85e
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p1.patch
@@ -0,0 +1,39 @@
+From 367688c05988bc7257d7e1801c5acf17ef7e854d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
+Date: Tue, 12 Feb 2019 15:09:11 +0100
+Subject: [PATCH 1/3] Automatically NULLify after gnutls_free()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+This method prevents direct use-after-free and
+double-free issues.
+Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
+CVE: CVE-2019-3829
+Upstream-Status: Backport
+[https://gitlab.com/gnutls/gnutls/commit/d39778e43d1674cb3ab3685157fd299816d535c0]
+Signed-off-by: Dan Tran <dantran@microsoft.com>
+---
+ lib/includes/gnutls/gnutls.h.in | 4 ++++
+ 1 file changed, 4 insertions(+)
+diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
+index 49990b5f5..fa77fd0df 100644
+--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
+@@ -2132,6 +2132,10 @@ extern _SYM_EXPORT gnutls_realloc_function gnutls_realloc;
+ extern _SYM_EXPORT gnutls_calloc_function gnutls_calloc;
+ extern _SYM_EXPORT gnutls_free_function gnutls_free;
+ 
+#ifdef GNUTLS_INTERNAL_BUILD
+#define gnutls_free(a) gnutls_free((void *) (a)), a=NULL
+#endif
+
+ extern _SYM_EXPORT char *(*gnutls_strdup) (const char *);
+ 
+ /* a variant of memset that doesn't get optimized out */
+-- 
+2.22.0.vfs.1.1.57.gbaf16c8

diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p1.patch b/meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p1.patch new file mode 100644 index 0000000000..823869e85e --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p1.patch
@@ -0,0 +1,39 @@
	1	From 367688c05988bc7257d7e1801c5acf17ef7e854d Mon Sep 17 00:00:00 2001
	2	From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
	3	Date: Tue, 12 Feb 2019 15:09:11 +0100
	4	Subject: [PATCH 1/3] Automatically NULLify after gnutls_free()
	5	MIME-Version: 1.0
	6	Content-Type: text/plain; charset=UTF-8
	7	Content-Transfer-Encoding: 8bit
	8
	9	This method prevents direct use-after-free and
	10	double-free issues.
	11
	12	Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
	13
	14	CVE: CVE-2019-3829
	15	Upstream-Status: Backport
	16	[https://gitlab.com/gnutls/gnutls/commit/d39778e43d1674cb3ab3685157fd299816d535c0]
	17
	18	Signed-off-by: Dan Tran <dantran@microsoft.com>
	19	---
	20	lib/includes/gnutls/gnutls.h.in \| 4 ++++
	21	1 file changed, 4 insertions(+)
	22
	23	diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
	24	index 49990b5f5..fa77fd0df 100644
	25	--- a/lib/includes/gnutls/gnutls.h.in
	26	+++ b/lib/includes/gnutls/gnutls.h.in
	27	@@ -2132,6 +2132,10 @@ extern _SYM_EXPORT gnutls_realloc_function gnutls_realloc;
	28	extern _SYM_EXPORT gnutls_calloc_function gnutls_calloc;
	29	extern _SYM_EXPORT gnutls_free_function gnutls_free;
	30
	31	+#ifdef GNUTLS_INTERNAL_BUILD
	32	+#define gnutls_free(a) gnutls_free((void *) (a)), a=NULL
	33	+#endif
	34	+
	35	extern _SYM_EXPORT char (gnutls_strdup) (const char *);
	36
	37	/* a variant of memset that doesn't get optimized out */
	38	--
	39	2.22.0.vfs.1.1.57.gbaf16c8