X-Git-Url: http://git.annexia.org/?a=blobdiff_plain;f=openssl%2Fopenssl-0.9.8g-cve-2008-1671.patch;fp=openssl%2Fopenssl-0.9.8g-cve-2008-1671.patch;h=0000000000000000000000000000000000000000;hb=07249a30ba32d6532c039334032d9cad1f005627;hp=616271b5216e26b2568a5ce17573a02a479e1c72;hpb=82225b1e26fd921b0b2448988b9c067683c0e887;p=fedora-mingw.git
diff --git a/openssl/openssl-0.9.8g-cve-2008-1671.patch b/openssl/openssl-0.9.8g-cve-2008-1671.patch
deleted file mode 100644
index 616271b..0000000
--- a/openssl/openssl-0.9.8g-cve-2008-1671.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-*) Fix flaw if 'Server Key exchange message' is omitted from a TLS
-Handshake which could lead to a cilent crash as found using the
-Codenomicon TLS test suite (CVE-2008-1672) [Steve Henson, Mark Cox]
-Index: ssl/s3_clnt.c
-===================================================================
-RCS file: /e/openssl/cvs/openssl/ssl/s3_clnt.c,v
-retrieving revision 1.88.2.12
-diff -u -r1.88.2.12 ssl/s3_clnt.c
---- ssl/s3_clnt.c 3 Nov 2007 13:07:39 -0000
-+++ ssl/s3_clnt.c 22 May 2008 09:19:30 -0000
-@@ -2061,6 +2061,13 @@
- {
- DH *dh_srvr,*dh_clnt;
-
-+ if (s->session->sess_cert == NULL)
-+ {
-+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
-+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
-+ goto err;
-+ }
-+
- if (s->session->sess_cert->peer_dh_tmp != NULL)
- dh_srvr=s->session->sess_cert->peer_dh_tmp;
- else