[Pkg-openssl-changes] r318 - in openssl/trunk: debian ssl
chrism at alioth.debian.org
Tue Jun 10 10:07:10 UTC 2008
Author: chrism
Date: 2008-06-10 10:07:10 +0000 (Tue, 10 Jun 2008)
New Revision: 318
Modified:
openssl/trunk/debian/changelog
openssl/trunk/ssl/t1_lib.c
Log:
include fixes from 10.1 NMB by Security team
- Fix double free in TLS server name extension which leads to a remote
denial of service (CVE-2008-0891; Closes: #483379).
Modified: openssl/trunk/debian/changelog
===================================================================
--- openssl/trunk/debian/changelog 2008-06-04 12:46:01 UTC (rev 317)
+++ openssl/trunk/debian/changelog 2008-06-10 10:07:10 UTC (rev 318)
@@ -6,8 +6,11 @@
* add Vcs-Svn header (closes: #481654)
* fix debian-kfreebsd-i386 build flags (closes: #482275)
* add stunnel4 to restart list (closes: #482111)
+ * include fixes from 10.1 NMB by Security team
+ - Fix double free in TLS server name extension which leads to a remote
+ denial of service (CVE-2008-0891; Closes: #483379).
- -- Christoph Martin <christoph.martin at uni-mainz.de> Wed, 4 Jun 2008 14:45:25 +0200
+ -- Christoph Martin <christoph.martin at uni-mainz.de> Tue, 10 Jun 2008 12:06:37 +0200
openssl (0.9.8g-10) unstable; urgency=low
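Review bot: In the added line "include fixes from 10.1 NMB by Security team", "NMB" reads like a typo for NMU (non-maintainer upload), and "10.1" is only a fragment of a version string. Spelling out the full version of the upload being merged would let someone searching the changelog for CVE-2008-0891 tell which upload first carried the fix.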
Modified: openssl/trunk/ssl/t1_lib.c
===================================================================
--- openssl/trunk/ssl/t1_lib.c 2008-06-04 12:46:01 UTC (rev 317)
+++ openssl/trunk/ssl/t1_lib.c 2008-06-10 10:07:10 UTC (rev 318)
@@ -332,6 +332,7 @@
s->session->tlsext_hostname[len]='\0';
if (strlen(s->session->tlsext_hostname) != len) {
OPENSSL_free(s->session->tlsext_hostname);
+ s->session->tlsext_hostname = NULL;
*al = TLS1_AD_UNRECOGNIZED_NAME;
return 0;
}
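Review bot: In the strlen(s->session->tlsext_hostname) != len branch, the hostname has already been stored in s->session before it is validated, which is the only reason the free needs the added NULL assignment. Consider building and checking the name in a local buffer and assigning it to s->session->tlsext_hostname only after the length check passes, so a rejected name never becomes session state. If the current shape is kept, a short comment on the new line saying the pointer is cleared to prevent a second free of the same pointer (the double free named in the log message) would keep it from being removed in a later cleanup.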