X-Git-Url: http://git.annexia.org/?a=blobdiff_plain;f=openssl%2Fopenssl-0.9.8g-cve-2008-0891.patch;fp=openssl%2Fopenssl-0.9.8g-cve-2008-0891.patch;h=eb9d1fd9aaead09d0e8e4658b5ced1dedefd9e23;hb=3a8181459ea2c1a6b62ce60be2f43c052f040799;hp=0000000000000000000000000000000000000000;hpb=90bb28e6fc23fae2d055da670f7840883be3d275;p=fedora-mingw.git
diff --git a/openssl/openssl-0.9.8g-cve-2008-0891.patch b/openssl/openssl-0.9.8g-cve-2008-0891.patch
new file mode 100644
index 0000000..eb9d1fd
--- /dev/null
+++ b/openssl/openssl-0.9.8g-cve-2008-0891.patch
@@ -0,0 +1,17 @@
+*) Fix double free in TLS server name extensions which could lead to a remote
+crash found by Codenomicon TLS test suite (CVE-2008-0891) [Joe Orton]
+Index: ssl/t1_lib.c
+===================================================================
+RCS file: /e/openssl/cvs/openssl/ssl/t1_lib.c,v
+retrieving revision 1.13.2.8
+diff -u -r1.13.2.8 ssl/t1_lib.c
+--- ssl/t1_lib.c 18 Oct 2007 11:39:11 -0000
++++ ssl/t1_lib.c 18 Mar 2008 12:06:58 -0000
+@@ -381,6 +381,7 @@
+ s->session->tlsext_hostname[len]='\0';
+ if (strlen(s->session->tlsext_hostname) != len) {
+ OPENSSL_free(s->session->tlsext_hostname);
++ s->session->tlsext_hostname = NULL;
+ *al = TLS1_AD_UNRECOGNIZED_NAME;
+ return 0;
+ }
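Review bot: The new patch file opens with only the two-line CHANGES excerpt and records nowhere which upstream change it was taken from, so it is hard to audit the fix or to know when a rebase makes it redundant. A provenance line above `Index: ssl/t1_lib.c`, for example `Origin: <upstream commit or advisory URL>`, would cover that. Separately, the inner hunk shows only seven lines of the enclosing function in ssl/t1_lib.c, which starts and ends outside it. From here it cannot be confirmed that no other error path frees `s->session->tlsext_hostname` without resetting it to NULL, so that is worth checking against the full file before relying on this patch alone.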