[Pkg-openssl-changes] r642 - in openssl/branches/wheezy/debian: . patches
Kurt Roeckx
kroeckx at moszumanska.debian.org
Mon Jan 6 17:19:41 UTC 2014
Author: kroeckx
Date: 2014-01-06 17:19:41 +0000 (Mon, 06 Jan 2014)
New Revision: 642
Modified:
openssl/branches/wheezy/debian/changelog
openssl/branches/wheezy/debian/patches/CVE-2013-6450.patch
Log:
Fix CVE-2013-6450 patch.
Modified: openssl/branches/wheezy/debian/changelog
===================================================================
--- openssl/branches/wheezy/debian/changelog 2013-12-23 18:42:51 UTC (rev 641)
+++ openssl/branches/wheezy/debian/changelog 2014-01-06 17:19:41 UTC (rev 642)
@@ -1,3 +1,10 @@
+openssl (1.0.1e-2+deb7u2) stable-security; urgency=medium
+
+ * The patch we applied for CVE-2013-6450 was missing a commit causing
+ crashes.
+
+ -- Kurt Roeckx <kurt at roeckx.be> Mon, 06 Jan 2014 18:17:13 +0100
+
openssl (1.0.1e-2+deb7u1) stable-security; urgency=medium
* Fix CVE-2013-6449 (Closes: #732754)
Modified: openssl/branches/wheezy/debian/patches/CVE-2013-6450.patch
===================================================================
--- openssl/branches/wheezy/debian/patches/CVE-2013-6450.patch 2013-12-23 18:42:51 UTC (rev 641)
+++ openssl/branches/wheezy/debian/patches/CVE-2013-6450.patch 2014-01-06 17:19:41 UTC (rev 642)
@@ -1,7 +1,7 @@
From: "Dr. Stephen Henson" <steve at openssl.org>
Date: Fri, 20 Dec 2013 15:26:50 +0000
Subject: [PATCH] Fix DTLS retransmission from previous session.
-Origin: upstream, commit:34628967f1e65dc8f34e000f0f5518e21afbfc7b
+Origin: upstream, commit:34628967f1e65dc8f34e000f0f5518e21afbfc7b, commit:a6c62f0c25a756c263a80ce52afbae888028e986
For DTLS we might need to retransmit messages from the previous session
so keep a copy of write context in DTLS retransmission buffers instead
@@ -74,3 +74,21 @@
#ifndef OPENSSL_NO_COMP
if (s->compress != NULL)
{
+diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
+index 6fc469f..d14e8e4 100644
+--- a/crypto/evp/digest.c
++++ b/crypto/evp/digest.c
+@@ -366,8 +366,11 @@ int EVP_Digest(const void *data, size_t count,
+
+ void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
+ {
+- EVP_MD_CTX_cleanup(ctx);
+- OPENSSL_free(ctx);
++ if (ctx)
++ {
++ EVP_MD_CTX_cleanup(ctx);
++ OPENSSL_free(ctx);
++ }
+ }
+
+ /* This call frees resources associated with the context */
More information about the Pkg-openssl-changes
mailing list