git.annexia.org / fedora-mingw.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Remove the atk*.def file.
[fedora-mingw.git] / openssl / openssl-0.9.8g-cve-2008-0891.patch
1 *) Fix double free in TLS server name extensions which could lead to a remote
2 crash found by Codenomicon TLS test suite (CVE-2008-0891) [Joe Orton]
3 Index: ssl/t1_lib.c
4 ===================================================================
5 RCS file: /e/openssl/cvs/openssl/ssl/t1_lib.c,v
6 retrieving revision 1.13.2.8
7 diff -u -r1.13.2.8 ssl/t1_lib.c
8 --- ssl/t1_lib.c 18 Oct 2007 11:39:11 -0000
9 +++ ssl/t1_lib.c 18 Mar 2008 12:06:58 -0000
10 @@ -381,6 +381,7 @@
11                                                 s->session->tlsext_hostname[len]='\0';
12                                                 if (strlen(s->session->tlsext_hostname) != len) {
13                                                         OPENSSL_free(s->session->tlsext_hostname);
14 +                                                       s->session->tlsext_hostname = NULL;
15                                                         *al = TLS1_AD_UNRECOGNIZED_NAME;
16                                                         return 0;
17                                                 }
[ARCHIVE] Fedora MinGW specfiles not yet in Fedora.