openssl 1.0.0a: fix CVE-2010-2939

0.9.8 is also affected, please try the same patch if using that. Signed-off-by: Roman I Khimov <khimov@altell.ru>
author: Roman I Khimov <khimov@altell.ru> 2010-09-13 18:39:40 +0400
committer: Roman I Khimov <khimov@altell.ru> 2010-09-14 00:16:12 +0400
commit: 36f96bf1d65ed49943e3ca1abae1ad386730ba0c (patch)
tree: 7908c9848bfd823c4a052244a1b342dac9d73391 /recipes/openssl/openssl-1.0.0a
parent: aeff4da290864f5a63629f640cbd4885b218a350 (diff)
download: openembedded-36f96bf1d65ed49943e3ca1abae1ad386730ba0c.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/recipes/openssl/openssl-1.0.0a/openssl-fix-ssl3_get_key_exchange-double-free.patch b/recipes/openssl/openssl-1.0.0a/openssl-fix-ssl3_get_key_exchange-double-free.patch
new file mode 100644
index 0000000000..4e988498a3
--- /dev/null
+++ b/recipes/openssl/openssl-1.0.0a/openssl-fix-ssl3_get_key_exchange-double-free.patch
@@ -0,0 +1,12 @@
+Index: openssl-1.0.0a/ssl/s3_clnt.c
+===================================================================
+--- openssl-1.0.0a.orig/ssl/s3_clnt.c	2010-09-13 18:38:01.000000000 +0400
++++ openssl-1.0.0a/ssl/s3_clnt.c	2010-09-13 18:38:35.000000000 +0400
+@@ -1508,6 +1508,7 @@
+ 		s->session->sess_cert->peer_ecdh_tmp=ecdh;
+ 		ecdh=NULL;
+ 		BN_CTX_free(bn_ctx);
++		bn_ctx = NULL;
+ 		EC_POINT_free(srvr_ecpoint);
+ 		srvr_ecpoint = NULL;
+ 		}
author	Roman I Khimov <khimov@altell.ru>	2010-09-13 18:39:40 +0400
committer	Roman I Khimov <khimov@altell.ru>	2010-09-14 00:16:12 +0400
commit	36f96bf1d65ed49943e3ca1abae1ad386730ba0c (patch)
tree	7908c9848bfd823c4a052244a1b342dac9d73391 /recipes/openssl/openssl-1.0.0a
parent	aeff4da290864f5a63629f640cbd4885b218a350 (diff)
download	openembedded-36f96bf1d65ed49943e3ca1abae1ad386730ba0c.tar.gz