diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2010-10-08 07:50:08 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2010-10-08 07:50:08 +0000 |
commit | 928dd04996fb7ede6cbd646c1e48222910b07ff8 (patch) | |
tree | b9840a6db39fcbdc2205a0a5ee8d5c4a0ca24dc1 | |
parent | 86c997fd2ae3c6e065b661f22f11368a24cd0edb (diff) | |
download | aports-928dd04996fb7ede6cbd646c1e48222910b07ff8.tar.bz2 aports-928dd04996fb7ede6cbd646c1e48222910b07ff8.tar.xz |
main/openssl: fix double free. cve-2010-2939
-rw-r--r-- | main/openssl/APKBUILD | 6 | ||||
-rw-r--r-- | main/openssl/cve-2010-2939.patch | 12 |
2 files changed, 16 insertions, 2 deletions
diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD index b7d334bb89..5f5399d718 100644 --- a/main/openssl/APKBUILD +++ b/main/openssl/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=openssl pkgver=1.0.0a -pkgrel=3 +pkgrel=4 pkgdesc="Toolkit for SSL v2/v3 and TLS v1" url="http://openssl.org" depends= @@ -19,6 +19,7 @@ source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz 0003-engines-e_padlock-backport-cvs-head-changes.patch 0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch 0005-crypto-engine-autoload-padlock-dynamic-engine.patch + cve-2010-2939.patch " _builddir="$srcdir"/$pkgname-$pkgver @@ -74,4 +75,5 @@ c6a9857a5dbd30cead0404aa7dd73977 openssl-bb-basename.patch 5ba830cf1e828192c8c40023dc92917d 0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch 53fbd01733b488717575e04a5aaf6664 0003-engines-e_padlock-backport-cvs-head-changes.patch beea8819faeefb9ab19ef90f00c53782 0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch -8bc7a427f6005158585386b9837f700c 0005-crypto-engine-autoload-padlock-dynamic-engine.patch" +8bc7a427f6005158585386b9837f700c 0005-crypto-engine-autoload-padlock-dynamic-engine.patch +6fae2ff07483b001249c1944e5e14a1d cve-2010-2939.patch" diff --git a/main/openssl/cve-2010-2939.patch b/main/openssl/cve-2010-2939.patch new file mode 100644 index 0000000000..29b5f844f2 --- /dev/null +++ b/main/openssl/cve-2010-2939.patch @@ -0,0 +1,12 @@ +http://bugs.gentoo.org/332027 + +--- a/ssl/s3_clnt.c ++++ b/ssl/s3_clnt.c +@@ -1508,6 +1508,7 @@ + s->session->sess_cert->peer_ecdh_tmp=ecdh; + ecdh=NULL; + BN_CTX_free(bn_ctx); ++ bn_ctx = NULL; + EC_POINT_free(srvr_ecpoint); + srvr_ecpoint = NULL; + } |