diff --git a/SOURCES/openssl-1.0.1e-cve-2016-8610.patch b/SOURCES/openssl-1.0.1e-cve-2016-8610.patch
new file mode 100644
index 0000000..84976ce
--- /dev/null
+++ b/SOURCES/openssl-1.0.1e-cve-2016-8610.patch
@@ -0,0 +1,108 @@
+diff -up openssl-1.0.1e/ssl/d1_pkt.c.many-alerts openssl-1.0.1e/ssl/d1_pkt.c
+--- openssl-1.0.1e/ssl/d1_pkt.c.many-alerts	2016-10-04 16:12:30.000000000 +0200
++++ openssl-1.0.1e/ssl/d1_pkt.c	2016-11-01 10:48:05.270349440 +0100
+@@ -915,6 +915,13 @@ start:
+ 		goto start;
+ 		}
+ 
++	/*
++	 * Reset the count of consecutive warning alerts if we've got a non-empty
++	 * record that isn't an alert.
++	 */
++	if (rr->type != SSL3_RT_ALERT && rr->length != 0)
++		s->cert->alert_count = 0;
++
+ 	/* we now have a packet which can be read and processed */
+ 
+ 	if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
+@@ -1184,6 +1191,15 @@ start:
+ 		if (alert_level == 1) /* warning */
+ 			{
+ 			s->s3->warn_alert = alert_descr;
++
++			s->cert->alert_count++;
++			if (s->cert->alert_count == MAX_WARN_ALERT_COUNT)
++				{
++				al = SSL_AD_UNEXPECTED_MESSAGE;
++				SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
++				goto f_err;
++				}
++
+ 			if (alert_descr == SSL_AD_CLOSE_NOTIFY)
+ 				{
+ #ifndef OPENSSL_NO_SCTP
+diff -up openssl-1.0.1e/ssl/ssl_err.c.many-alerts openssl-1.0.1e/ssl/ssl_err.c
+--- openssl-1.0.1e/ssl/ssl_err.c.many-alerts	2016-10-04 16:12:30.000000000 +0200
++++ openssl-1.0.1e/ssl/ssl_err.c	2016-11-01 10:54:04.673900027 +0100
+@@ -552,6 +552,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
+ {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),"tls invalid ecpointformat list"},
+ {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),"tls peer did not respond with certificate list"},
+ {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),"tls rsa encrypted value length is wrong"},
++{ERR_REASON(SSL_R_TOO_MANY_WARN_ALERTS), "too many warn alerts"},
+ {ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER),"tried to use unsupported cipher"},
+ {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS),"unable to decode dh certs"},
+ {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS),"unable to decode ecdh certs"},
+diff -up openssl-1.0.1e/ssl/ssl.h.many-alerts openssl-1.0.1e/ssl/ssl.h
+--- openssl-1.0.1e/ssl/ssl.h.many-alerts	2016-10-04 16:12:30.000000000 +0200
++++ openssl-1.0.1e/ssl/ssl.h	2016-11-01 10:52:48.442086392 +0100
+@@ -2474,6 +2474,7 @@ void ERR_load_SSL_strings(void);
+ #define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST		 157
+ #define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
+ #define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG	 234
++#define SSL_R_TOO_MANY_WARN_ALERTS                       409
+ #define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER		 235
+ #define SSL_R_UNABLE_TO_DECODE_DH_CERTS			 236
+ #define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS		 313
+diff -up openssl-1.0.1e/ssl/ssl_locl.h.many-alerts openssl-1.0.1e/ssl/ssl_locl.h
+--- openssl-1.0.1e/ssl/ssl_locl.h.many-alerts	2016-10-04 16:12:30.000000000 +0200
++++ openssl-1.0.1e/ssl/ssl_locl.h	2016-11-01 10:55:39.171148215 +0100
+@@ -485,6 +485,8 @@ typedef struct cert_pkey_st
+ 	const EVP_MD *digest;
+ 	} CERT_PKEY;
+ 
++# define MAX_WARN_ALERT_COUNT    5
++
+ typedef struct cert_st
+ 	{
+ 	/* Current active set */
+@@ -516,6 +518,7 @@ typedef struct cert_st
+ 	CERT_PKEY pkeys[SSL_PKEY_NUM];
+ 
+ 	int references; /* >1 only if SSL_copy_session_id is used */
++	unsigned int alert_count;
+ 	} CERT;
+ 
+ 
+diff -up openssl-1.0.1e/ssl/s3_pkt.c.many-alerts openssl-1.0.1e/ssl/s3_pkt.c
+--- openssl-1.0.1e/ssl/s3_pkt.c.many-alerts	2016-10-04 16:12:30.000000000 +0200
++++ openssl-1.0.1e/ssl/s3_pkt.c	2016-11-01 10:51:21.504018044 +0100
+@@ -1009,6 +1009,13 @@ start:
+ 		if (ret <= 0) return(ret);
+ 		}
+ 
++	/*
++	 * Reset the count of consecutive warning alerts if we've got a non-empty
++	 * record that isn't an alert.
++	 */
++	if (rr->type != SSL3_RT_ALERT && rr->length != 0)
++		s->cert->alert_count = 0;
++
+ 	/* we now have a packet which can be read and processed */
+ 
+ 	if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
+@@ -1225,6 +1232,15 @@ start:
+ 		if (alert_level == 1) /* warning */
+ 			{
+ 			s->s3->warn_alert = alert_descr;
++
++			s->cert->alert_count++;
++			if (s->cert->alert_count == MAX_WARN_ALERT_COUNT)
++				{
++				al = SSL_AD_UNEXPECTED_MESSAGE;
++				SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
++				goto f_err;
++				}
++
+ 			if (alert_descr == SSL_AD_CLOSE_NOTIFY)
+ 				{
+ 				s->shutdown |= SSL_RECEIVED_SHUTDOWN;
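Review bot: The new `alert_count` field in the ssl_locl.h hunk is added to `CERT` without a comment, and the context line just above it says `references` can exceed 1 when SSL_copy_session_id is used, so the counter may end up shared between SSL objects in that case; this is worth confirming and documenting. I would write the field as `unsigned int alert_count; /* consecutive warning alerts received; reset by a non-empty non-alert record */`. In both read paths (d1_pkt.c and s3_pkt.c) the limit test uses `==`; `if (s->cert->alert_count >= MAX_WARN_ALERT_COUNT)` would still fail closed if a second holder of the same CERT ever advanced the counter past the limit. Zero-initialisation of the field in the CERT allocation and duplication paths is not visible in this patch and should be checked. The enclosing read functions start and end outside these hunks.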
diff --git a/SOURCES/openssl-1.0.1e-cve-2017-3731.patch b/SOURCES/openssl-1.0.1e-cve-2017-3731.patch
new file mode 100644
index 0000000..2deb8b2
--- /dev/null
+++ b/SOURCES/openssl-1.0.1e-cve-2017-3731.patch
@@ -0,0 +1,45 @@
+diff -up openssl-1.0.1e/crypto/evp/e_aes.c.truncated openssl-1.0.1e/crypto/evp/e_aes.c
+--- openssl-1.0.1e/crypto/evp/e_aes.c.truncated	2016-11-09 15:31:47.000000000 +0100
++++ openssl-1.0.1e/crypto/evp/e_aes.c	2017-01-30 13:29:46.700570930 +0100
+@@ -796,11 +796,17 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *
+ 		gctx->tls_aad_len = arg;
+ 			{
+ 			unsigned int len=c->buf[arg-2]<<8|c->buf[arg-1];
++			if (len < EVP_GCM_TLS_EXPLICIT_IV_LEN)
++				return 0;
+ 			/* Correct length for explicit IV */
+ 			len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ 			/* If decrypting correct for tag too */
+ 			if (!c->encrypt)
++				{
++				if (len < EVP_GCM_TLS_TAG_LEN)
++					return 0;
+ 				len -= EVP_GCM_TLS_TAG_LEN;
++				}
+                         c->buf[arg-2] = len>>8;
+                         c->buf[arg-1] = len & 0xff;
+ 			}
+diff -up openssl-1.0.1e/crypto/evp/e_rc4_hmac_md5.c.truncated openssl-1.0.1e/crypto/evp/e_rc4_hmac_md5.c
+--- openssl-1.0.1e/crypto/evp/e_rc4_hmac_md5.c.truncated	2013-02-11 16:26:04.000000000 +0100
++++ openssl-1.0.1e/crypto/evp/e_rc4_hmac_md5.c	2017-01-30 10:33:12.954714810 +0100
+@@ -257,6 +257,8 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_
+ 
+ 		if (!ctx->encrypt)
+ 			{
++			if (len < MD5_DIGEST_LENGTH)
++				return -1;
+ 			len -= MD5_DIGEST_LENGTH;
+ 			p[arg-2] = len>>8;
+ 			p[arg-1] = len;
+diff -up openssl-1.0.1e/ssl/t1_enc.c.truncated openssl-1.0.1e/ssl/t1_enc.c
+--- openssl-1.0.1e/ssl/t1_enc.c.truncated	2017-01-09 16:42:47.000000000 +0100
++++ openssl-1.0.1e/ssl/t1_enc.c	2017-01-30 10:37:32.836053160 +0100
+@@ -805,6 +805,8 @@ int tls1_enc(SSL *s, int send)
+ 			buf[11]=rec->length>>8;
+ 			buf[12]=rec->length&0xff;
+ 			pad=EVP_CIPHER_CTX_ctrl(ds,EVP_CTRL_AEAD_TLS1_AAD,13,buf);
++			if (pad <= 0)
++				return -1;
+ 			if (send)
+ 				{
+ 				l+=pad;
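Review bot: In the e_aes.c hunk the new `return 0` paths run after the context line `gctx->tls_aad_len = arg;`, so a rejected record leaves the GCM context marked as holding TLS AAD while the length bytes in `c->buf` are uncorrected. Doing the length checks before that assignment, or resetting the field to its unset value before returning, would leave the context clean on failure. The two handlers also report the same condition differently (`return 0` in aes_gcm_ctrl, `return -1` in rc4_hmac_md5_ctrl), which is only safe because tls1_enc tests `pad <= 0`. A comment such as `/* ctrl returns <= 0 when the record is too short for the explicit IV, tag or MAC */` above that test would keep a later edit from narrowing it. Any other callers of EVP_CTRL_AEAD_TLS1_AAD are outside this patch and would need the same check; all three functions continue outside the hunks.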
diff --git a/SPECS/openssl.spec b/SPECS/openssl.spec
index 297ecc1..9adae69 100644
--- a/SPECS/openssl.spec
+++ b/SPECS/openssl.spec
@@ -23,7 +23,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 1.0.1e
-Release: 60%{?dist}
+Release: 60%{?dist}.1
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -171,6 +171,8 @@ Patch161: openssl-1.0.1e-cve-2016-2182.patch
 Patch162: openssl-1.0.1e-cve-2016-6302.patch
 Patch163: openssl-1.0.1e-cve-2016-6304.patch
 Patch164: openssl-1.0.1e-cve-2016-6306.patch
+Patch166: openssl-1.0.1e-cve-2016-8610.patch
+Patch167: openssl-1.0.1e-cve-2017-3731.patch
 
 License: OpenSSL
 Group: System Environment/Libraries
@@ -373,6 +375,8 @@ cp %{SOURCE12} %{SOURCE13} crypto/ec/
 %patch162 -p1 -b .ticket-length
 %patch163 -p1 -b .ocsp-memgrowth
 %patch164 -p1 -b .certmsg-len
+%patch166 -p1 -b .many-alerts
+%patch167 -p1 -b .truncated
 
 sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h
 
@@ -640,6 +644,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
 %postun libs -p /sbin/ldconfig
 
 %changelog
+* Mon Feb  6 2017 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-60.1
+- fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher
+- fix CVE-2016-8610 - DoS of single-threaded servers via excessive alerts
+
 * Thu Sep 22 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-60
 - fix CVE-2016-2177 - possible integer overflow
 - fix CVE-2016-2178 - non-constant time DSA operations