git.annexia.org / fedora-mingw.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
* Wed Jan 28 2009 Levente Farkas <lfarkas@lfarkas.org> - 0.9.8j-1
[fedora-mingw.git] / openssl / openssl-0.9.8g-cve-2008-1671.patch
diff --git a/openssl/openssl-0.9.8g-cve-2008-1671.patch b/openssl/openssl-0.9.8g-cve-2008-1671.patch
deleted file mode 100644 (file)
index 616271b..0000000
--- a/openssl/openssl-0.9.8g-cve-2008-1671.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-*) Fix flaw if 'Server Key exchange message' is omitted from a TLS
-Handshake which could lead to a cilent crash as found using the
-Codenomicon TLS test suite (CVE-2008-1672) [Steve Henson, Mark Cox]
-Index: ssl/s3_clnt.c
-===================================================================
-RCS file: /e/openssl/cvs/openssl/ssl/s3_clnt.c,v
-retrieving revision 1.88.2.12
-diff -u -r1.88.2.12 ssl/s3_clnt.c
---- ssl/s3_clnt.c 3 Nov 2007 13:07:39 -0000
-+++ ssl/s3_clnt.c 22 May 2008 09:19:30 -0000
-@@ -2061,6 +2061,13 @@
-                       {
-                       DH *dh_srvr,*dh_clnt;
-+                        if (s->session->sess_cert == NULL) 
-+                                {
-+                                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
-+                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
-+                                goto err;
-+                                }
-+
-                       if (s->session->sess_cert->peer_dh_tmp != NULL)
-                               dh_srvr=s->session->sess_cert->peer_dh_tmp;
-                       else
[ARCHIVE] Fedora MinGW specfiles not yet in Fedora.