From d9d42adfbd8b87641c95ae4f91c14a8621de0d00 Mon Sep 17 00:00:00 2001 From: Andrzej Zawadzki Date: Mon, 28 Apr 2014 13:19:42 +0200 Subject: [PATCH] - add patch from upstream https://rt.openssl.org/Ticket/Display.html?id=3265 and fix: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d1f4b0f3d262edf1cf7023a01d5404945035d5 --- openssl-fix_use_after_free.patch | 15 +++++++++++++++ openssl.spec | 5 +++++ 2 files changed, 20 insertions(+) create mode 100644 openssl-fix_use_after_free.patch diff --git a/openssl-fix_use_after_free.patch b/openssl-fix_use_after_free.patch new file mode 100644 index 0000000..f00d291 --- /dev/null +++ b/openssl-fix_use_after_free.patch @@ -0,0 +1,15 @@ +diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c +index b9e45c7..30b74c2 100644 +--- a/ssl/s3_pkt.c ++++ b/ssl/s3_pkt.c +@@ -1335,7 +1335,8 @@ start: + s->rstate=SSL_ST_READ_HEADER; + rr->off=0; + if (s->mode & SSL_MODE_RELEASE_BUFFERS) +- ssl3_release_read_buffer(s); ++ if (s->s3->rbuf.left == 0) /* no read-ahead left? */ ++ ssl3_release_read_buffer(s); + } + } + return(n); + diff --git a/openssl.spec b/openssl.spec index e44f791..f5a0ec0 100644 --- a/openssl.spec +++ b/openssl.spec @@ -41,6 +41,9 @@ Patch10: default_bits.patch Patch11: pic.patch Patch12: stddef.patch +# from upstream +Patch13: %{name}-fix_use_after_free.patch + URL: http://www.openssl.org/ BuildRequires: bc BuildRequires: perl-devel >= 1:5.6.1 @@ -262,6 +265,8 @@ RC4, RSA и SSL. Включает статические библиотеки д %patch11 -p1 %patch12 -p1 +%patch13 -p1 + sed -i -e 's|\$prefix/\$libdir/engines|/%{_lib}/engines|g' Configure %build -- 2.43.0