1 files changed, 36 insertions, 0 deletions
diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p3.patch b/meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p3.patch
new file mode 100644
index 0000000000..d27ea4a918
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p3.patch
@@ -0,0 +1,36 @@
+From bf616850cf20af2bec3d68b82e6ac610ee8fc404 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
+Date: Tue, 12 Feb 2019 15:20:23 +0100
+Subject: [PATCH 3/3] gnutls_x509_crt_init: Fix dereference of NULL pointer
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
+CVE: CVE-2019-3829
+Upstream-Status: Backport
+[https://gitlab.com/gnutls/gnutls/commit/6b5cbc9ea5bdca704bdbe2f8fb551f720d634bc6]
+Signed-off-by: Dan Tran <dantran@microsoft.com>
+---
+ lib/x509/x509.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/lib/x509/x509.c b/lib/x509/x509.c
+index c149881f6..cc232ea50 100644
+--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
+@@ -224,8 +224,8 @@ int gnutls_x509_crt_init(gnutls_x509_crt_t * cert)
+        if (result < 0) {
+                gnutls_assert();
+                asn1_delete_structure(&tmp->cert);
+-               gnutls_free(tmp);
+                gnutls_subject_alt_names_deinit(tmp->san);
+               gnutls_free(tmp);
+                return result;
+        }
+ 
+-- 
+2.22.0.vfs.1.1.57.gbaf16c8

diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p3.patch b/meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p3.patch new file mode 100644 index 0000000000..d27ea4a918 --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p3.patch
@@ -0,0 +1,36 @@
	1	From bf616850cf20af2bec3d68b82e6ac610ee8fc404 Mon Sep 17 00:00:00 2001
	2	From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
	3	Date: Tue, 12 Feb 2019 15:20:23 +0100
	4	Subject: [PATCH 3/3] gnutls_x509_crt_init: Fix dereference of NULL pointer
	5	MIME-Version: 1.0
	6	Content-Type: text/plain; charset=UTF-8
	7	Content-Transfer-Encoding: 8bit
	8
	9	Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
	10
	11	CVE: CVE-2019-3829
	12	Upstream-Status: Backport
	13	[https://gitlab.com/gnutls/gnutls/commit/6b5cbc9ea5bdca704bdbe2f8fb551f720d634bc6]
	14
	15	Signed-off-by: Dan Tran <dantran@microsoft.com>
	16	---
	17	lib/x509/x509.c \| 2 +-
	18	1 file changed, 1 insertion(+), 1 deletion(-)
	19
	20	diff --git a/lib/x509/x509.c b/lib/x509/x509.c
	21	index c149881f6..cc232ea50 100644
	22	--- a/lib/x509/x509.c
	23	+++ b/lib/x509/x509.c
	24	@@ -224,8 +224,8 @@ int gnutls_x509_crt_init(gnutls_x509_crt_t * cert)
	25	if (result < 0) {
	26	gnutls_assert();
	27	asn1_delete_structure(&tmp->cert);
	28	- gnutls_free(tmp);
	29	gnutls_subject_alt_names_deinit(tmp->san);
	30	+ gnutls_free(tmp);
	31	return result;
	32	}
	33
	34	--
	35	2.22.0.vfs.1.1.57.gbaf16c8
	36