[Pkg-openssl-changes] r186 - in openssl/trunk: crypto/dh debian
Kurt Roeckx
kroeckx at alioth.debian.org
Thu Nov 30 21:54:43 CET 2006
Author: kroeckx
Date: 2006-11-30 21:54:43 +0100 (Thu, 30 Nov 2006)
New Revision: 186
Modified:
openssl/trunk/crypto/dh/dh_key.c
openssl/trunk/debian/changelog
Log:
* Fix patch for CVE-2006-2940, it left ctx unintiliased.
Modified: openssl/trunk/crypto/dh/dh_key.c
===================================================================
--- openssl/trunk/crypto/dh/dh_key.c 2006-11-30 20:53:44 UTC (rev 185)
+++ openssl/trunk/crypto/dh/dh_key.c 2006-11-30 20:54:43 UTC (rev 186)
@@ -173,7 +173,7 @@
static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
{
- BN_CTX *ctx;
+ BN_CTX *ctx=NULL;
BN_MONT_CTX *mont=NULL;
BIGNUM *tmp;
int ret= -1;
Modified: openssl/trunk/debian/changelog
===================================================================
--- openssl/trunk/debian/changelog 2006-11-30 20:53:44 UTC (rev 185)
+++ openssl/trunk/debian/changelog 2006-11-30 20:54:43 UTC (rev 186)
@@ -1,3 +1,9 @@
+openssl (0.9.8c-3) unstable; urgency=low
+
+ * Fix patch for CVE-2006-2940, it left ctx unintiliased.
+
+ -- Kurt Roeckx <kurt at roeckx.be> Mon, 2 Oct 2006 18:05:00 +0200
+
openssl (0.9.8c-2) unstable; urgency=high
* Fix security vulnerabilities (CVE-2006-2937, CVE-2006-2940,
More information about the Pkg-openssl-changes
mailing list