main/openssl: fix double free. cve-2010-2939

2 files changed, 16 insertions, 2 deletions

diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index b7d334bb8..5f5399d71 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=openssl
 pkgver=1.0.0a
-pkgrel=3
+pkgrel=4
 pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
 url="http://openssl.org"
 depends=
@@ -19,6 +19,7 @@ source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
 	0003-engines-e_padlock-backport-cvs-head-changes.patch
 	0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
 	0005-crypto-engine-autoload-padlock-dynamic-engine.patch
+	cve-2010-2939.patch
 	"
 
 _builddir="$srcdir"/$pkgname-$pkgver
@@ -74,4 +75,5 @@ c6a9857a5dbd30cead0404aa7dd73977  openssl-bb-basename.patch
 5ba830cf1e828192c8c40023dc92917d  0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch
 53fbd01733b488717575e04a5aaf6664  0003-engines-e_padlock-backport-cvs-head-changes.patch
 beea8819faeefb9ab19ef90f00c53782  0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
-8bc7a427f6005158585386b9837f700c  0005-crypto-engine-autoload-padlock-dynamic-engine.patch"
+8bc7a427f6005158585386b9837f700c  0005-crypto-engine-autoload-padlock-dynamic-engine.patch
+6fae2ff07483b001249c1944e5e14a1d  cve-2010-2939.patch"
diff --git a/main/openssl/cve-2010-2939.patch b/main/openssl/cve-2010-2939.patch
new file mode 100644
index 000000000..29b5f844f
--- /dev/null
+++ b/main/openssl/cve-2010-2939.patch
@@ -0,0 +1,12 @@
+http://bugs.gentoo.org/332027
+
+--- a/ssl/s3_clnt.c
++++ b/ssl/s3_clnt.c
+@@ -1508,6 +1508,7 @@
+ 		s->session->sess_cert->peer_ecdh_tmp=ecdh;
+ 		ecdh=NULL;
+ 		BN_CTX_free(bn_ctx);
++		bn_ctx = NULL;
+ 		EC_POINT_free(srvr_ecpoint);
+ 		srvr_ecpoint = NULL;
+ 		}