Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 154341 Details for
Bug 223429
dev-libs/openssl >=0.9.8f <0.9.8g-r2 Denial of Service vulnerabilities (CVE-2008-0891, CVE-2008-1672)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
openssl-0.9.8g-CVE-2008-0891.patch
openssl-0.9.8g-CVE-2008-0891.patch (text/plain), 1.21 KB, created by
Robert Buchholz (RETIRED)
on 2008-05-26 11:13:04 UTC
(
hide
)
Description:
openssl-0.9.8g-CVE-2008-0891.patch
Filename:
MIME Type:
Creator:
Robert Buchholz (RETIRED)
Created:
2008-05-26 11:13:04 UTC
Size:
1.21 KB
patch
obsolete
>Index: CHANGES >=================================================================== >RCS file: /e/openssl/cvs/openssl/CHANGES,v >retrieving revision 1.1238.2.86 >diff -u -r1.1238.2.86 CHANGES >--- CHANGES 28 Feb 2008 13:35:58 -0000 1.1238.2.86 >+++ CHANGES 18 Mar 2008 12:06:57 -0000 >@@ -4,6 +4,9 @@ > > Changes between 0.9.8g and 0.9.8h [xx XXX xxxx] > >+ *) Fix double free in TLS server name extensions which could lead to a remote >+ crash found by Codenomicon TLS test suite (CVE-2008-0891) [Joe Orton] >+ > *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set() > to get the expected BN_FLG_CONSTTIME behavior. > [Bodo Moeller (Google)] >Index: ssl/t1_lib.c >=================================================================== >RCS file: /e/openssl/cvs/openssl/ssl/t1_lib.c,v >retrieving revision 1.13.2.8 >diff -u -r1.13.2.8 t1_lib.c >--- ssl/t1_lib.c 18 Oct 2007 11:39:11 -0000 1.13.2.8 >+++ ssl/t1_lib.c 18 Mar 2008 12:06:58 -0000 >@@ -381,6 +381,7 @@ > s->session->tlsext_hostname[len]='\0'; > if (strlen(s->session->tlsext_hostname) != len) { > OPENSSL_free(s->session->tlsext_hostname); >+ s->session->tlsext_hostname = NULL; > *al = TLS1_AD_UNRECOGNIZED_NAME; > return 0; > }
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 223429
: 154341 |
154343