diff options
author | 2010-09-13 18:39:40 +0400 | |
---|---|---|
committer | 2010-09-14 00:16:12 +0400 | |
commit | 36f96bf1d65ed49943e3ca1abae1ad386730ba0c (patch) | |
tree | 7908c9848bfd823c4a052244a1b342dac9d73391 /recipes/openssl/openssl-1.0.0a | |
parent | aeff4da290864f5a63629f640cbd4885b218a350 (diff) | |
download | openembedded-36f96bf1d65ed49943e3ca1abae1ad386730ba0c.tar.gz |
openssl 1.0.0a: fix CVE-2010-2939
0.9.8 is also affected, please try the same patch if using that.
Signed-off-by: Roman I Khimov <khimov@altell.ru>
Diffstat (limited to 'recipes/openssl/openssl-1.0.0a')
-rw-r--r-- | recipes/openssl/openssl-1.0.0a/openssl-fix-ssl3_get_key_exchange-double-free.patch | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/recipes/openssl/openssl-1.0.0a/openssl-fix-ssl3_get_key_exchange-double-free.patch b/recipes/openssl/openssl-1.0.0a/openssl-fix-ssl3_get_key_exchange-double-free.patch new file mode 100644 index 0000000000..4e988498a3 --- /dev/null +++ b/recipes/openssl/openssl-1.0.0a/openssl-fix-ssl3_get_key_exchange-double-free.patch @@ -0,0 +1,12 @@ +Index: openssl-1.0.0a/ssl/s3_clnt.c +=================================================================== +--- openssl-1.0.0a.orig/ssl/s3_clnt.c 2010-09-13 18:38:01.000000000 +0400 ++++ openssl-1.0.0a/ssl/s3_clnt.c 2010-09-13 18:38:35.000000000 +0400 +@@ -1508,6 +1508,7 @@ + s->session->sess_cert->peer_ecdh_tmp=ecdh; + ecdh=NULL; + BN_CTX_free(bn_ctx); ++ bn_ctx = NULL; + EC_POINT_free(srvr_ecpoint); + srvr_ecpoint = NULL; + } |