Attachment 154341 Details for Bug 223429 – openssl-0.9.8g-CVE-2008-0891.patch

[patch] openssl-0.9.8g-CVE-2008-0891.patch

openssl-0.9.8g-CVE-2008-0891.patch (text/plain), 1.21 KB, created by Robert Buchholz (RETIRED) on 2008-05-26 11:13:04 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Robert Buchholz (RETIRED)

Created: 2008-05-26 11:13:04 UTC

Size: 1.21 KB

patch

obsolete

>Index: CHANGES
>===================================================================
>RCS file: /e/openssl/cvs/openssl/CHANGES,v
>retrieving revision 1.1238.2.86
>diff -u -r1.1238.2.86 CHANGES
>--- CHANGES	28 Feb 2008 13:35:58 -0000	1.1238.2.86
>+++ CHANGES	18 Mar 2008 12:06:57 -0000
>@@ -4,6 +4,9 @@
> 
>  Changes between 0.9.8g and 0.9.8h  [xx XXX xxxx]
> 
>+  *) Fix double free in TLS server name extensions which could lead to a remote
>+     crash found by Codenomicon TLS test suite (CVE-2008-0891) [Joe Orton]
>+
>   *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set()
>      to get the expected BN_FLG_CONSTTIME behavior.
>      [Bodo Moeller (Google)]
>Index: ssl/t1_lib.c
>===================================================================
>RCS file: /e/openssl/cvs/openssl/ssl/t1_lib.c,v
>retrieving revision 1.13.2.8
>diff -u -r1.13.2.8 t1_lib.c
>--- ssl/t1_lib.c	18 Oct 2007 11:39:11 -0000	1.13.2.8
>+++ ssl/t1_lib.c	18 Mar 2008 12:06:58 -0000
>@@ -381,6 +381,7 @@
> 						s->session->tlsext_hostname[len]='\0';
> 						if (strlen(s->session->tlsext_hostname) != len) {
> 							OPENSSL_free(s->session->tlsext_hostname);
>+							s->session->tlsext_hostname = NULL;
> 							*al = TLS1_AD_UNRECOGNIZED_NAME;
> 							return 0;
> 						}

Actions: View | Diff

Attachments on bug 223429: 154341 | 154343