* Wed Jan 28 2009 Levente Farkas <lfarkas@lfarkas.org> - 0.9.8j-1

[fedora-mingw.git] / openssl / openssl-0.9.8g-cve-2008-0891.patch

diff --git a/openssl/openssl-0.9.8g-cve-2008-0891.patch b/openssl/openssl-0.9.8g-cve-2008-0891.patch
deleted file mode 100644 (file)
index eb9d1fd..0000000
--- a/openssl/openssl-0.9.8g-cve-2008-0891.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-*) Fix double free in TLS server name extensions which could lead to a remote
-crash found by Codenomicon TLS test suite (CVE-2008-0891) [Joe Orton]
-Index: ssl/t1_lib.c
-===================================================================
-RCS file: /e/openssl/cvs/openssl/ssl/t1_lib.c,v
-retrieving revision 1.13.2.8
-diff -u -r1.13.2.8 ssl/t1_lib.c
---- ssl/t1_lib.c 18 Oct 2007 11:39:11 -0000
-+++ ssl/t1_lib.c 18 Mar 2008 12:06:58 -0000
-@@ -381,6 +381,7 @@
-                                               s->session->tlsext_hostname[len]='\0';
-                                               if (strlen(s->session->tlsext_hostname) != len) {
-                                                       OPENSSL_free(s->session->tlsext_hostname);
-+                                                      s->session->tlsext_hostname = NULL;
-                                                       *al = TLS1_AD_UNRECOGNIZED_NAME;
-                                                       return 0;
-                                               }