gnutls: Fix CVE-2019-3829 and CVE-2019-3836

Signed-off-by: Dan Tran <dantran@microsoft.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

1 files changed, 35 insertions, 0 deletions

diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2019-3836.patch b/meta/recipes-support/gnutls/gnutls/CVE-2019-3836.patch
new file mode 100644
index 0000000000..4aeb689347
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2019-3836.patch
@@ -0,0 +1,35 @@
+From c68195f0ff65144d7e0c32f4de5f264c4012983a Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <dueno@redhat.com>
+Date: Mon, 25 Mar 2019 16:06:39 +0100
+Subject: [PATCH] handshake: add missing initialization of local variable
+
+Resolves: #704
+
+Signed-off-by: Daiki Ueno <dueno@redhat.com>
+Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
+
+CVE: CVE-2019-3836
+Upstream-Status: Backport
+[https://gitlab.com/gnutls/gnutls/commit/96e07075e8f105b13e76b11e493d5aa2dd937226]
+
+Signed-off-by: Dan Tran <dantran@microsoft.com>
+---
+ lib/handshake-tls13.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/handshake-tls13.c b/lib/handshake-tls13.c
+index 06c7c01d2..82689b5d8 100644
+--- a/lib/handshake-tls13.c
++++ b/lib/handshake-tls13.c
+@@ -534,6 +534,8 @@ _gnutls13_recv_async_handshake(gnutls_session_t session)
+ 		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+ 
+ 	do {
++		_gnutls_handshake_buffer_init(&hsk);
++
+ 		/* the received handshake message has already been pushed into
+ 		 * handshake buffers. As we do not need to use the handshake hash
+ 		 * buffers we call the lower level receive functions */
+-- 
+2.22.0.vfs.1.1.57.gbaf16c8
+