aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2010-10-08 07:50:08 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2010-10-08 07:50:08 +0000
commit928dd04996fb7ede6cbd646c1e48222910b07ff8 (patch)
treeb9840a6db39fcbdc2205a0a5ee8d5c4a0ca24dc1
parent86c997fd2ae3c6e065b661f22f11368a24cd0edb (diff)
downloadaports-928dd04996fb7ede6cbd646c1e48222910b07ff8.tar.bz2
aports-928dd04996fb7ede6cbd646c1e48222910b07ff8.tar.xz
main/openssl: fix double free. cve-2010-2939
-rw-r--r--main/openssl/APKBUILD6
-rw-r--r--main/openssl/cve-2010-2939.patch12
2 files changed, 16 insertions, 2 deletions
diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index b7d334bb89..5f5399d718 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=openssl
pkgver=1.0.0a
-pkgrel=3
+pkgrel=4
pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
url="http://openssl.org"
depends=
@@ -19,6 +19,7 @@ source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
0003-engines-e_padlock-backport-cvs-head-changes.patch
0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
0005-crypto-engine-autoload-padlock-dynamic-engine.patch
+ cve-2010-2939.patch
"
_builddir="$srcdir"/$pkgname-$pkgver
@@ -74,4 +75,5 @@ c6a9857a5dbd30cead0404aa7dd73977 openssl-bb-basename.patch
5ba830cf1e828192c8c40023dc92917d 0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch
53fbd01733b488717575e04a5aaf6664 0003-engines-e_padlock-backport-cvs-head-changes.patch
beea8819faeefb9ab19ef90f00c53782 0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
-8bc7a427f6005158585386b9837f700c 0005-crypto-engine-autoload-padlock-dynamic-engine.patch"
+8bc7a427f6005158585386b9837f700c 0005-crypto-engine-autoload-padlock-dynamic-engine.patch
+6fae2ff07483b001249c1944e5e14a1d cve-2010-2939.patch"
diff --git a/main/openssl/cve-2010-2939.patch b/main/openssl/cve-2010-2939.patch
new file mode 100644
index 0000000000..29b5f844f2
--- /dev/null
+++ b/main/openssl/cve-2010-2939.patch
@@ -0,0 +1,12 @@
+http://bugs.gentoo.org/332027
+
+--- a/ssl/s3_clnt.c
++++ b/ssl/s3_clnt.c
+@@ -1508,6 +1508,7 @@
+ s->session->sess_cert->peer_ecdh_tmp=ecdh;
+ ecdh=NULL;
+ BN_CTX_free(bn_ctx);
++ bn_ctx = NULL;
+ EC_POINT_free(srvr_ecpoint);
+ srvr_ecpoint = NULL;
+ }