svn commit: r352928 - in head/security/openssl: . files
Dirk Meyer
dinoex at FreeBSD.org
Sat May 3 16:36:43 UTC 2014
Author: dinoex
Date: Sat May 3 16:36:42 2014
New Revision: 352928
URL: http://svnweb.freebsd.org/changeset/ports/352928
QAT: https://qat.redports.org/buildarchive/r352928/
Log:
- Security patch
Security: CVE-2014-0198
Security: http://seclists.org/oss-sec/2014/q2/232
Security: https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321
Obtained from: OpenBSD
Modified:
head/security/openssl/Makefile
head/security/openssl/files/patch-ssl-s3_pkt.c
Modified: head/security/openssl/Makefile
==============================================================================
--- head/security/openssl/Makefile Sat May 3 16:24:01 2014 (r352927)
+++ head/security/openssl/Makefile Sat May 3 16:36:42 2014 (r352928)
@@ -4,7 +4,7 @@
PORTNAME= openssl
PORTVERSION= 1.0.1
DISTVERSIONSUFFIX= g
-PORTREVISION= 11
+PORTREVISION= 12
CATEGORIES= security devel
MASTER_SITES= http://www.openssl.org/%SUBDIR%/ \
ftp://ftp.openssl.org/%SUBDIR%/ \
Modified: head/security/openssl/files/patch-ssl-s3_pkt.c
==============================================================================
--- head/security/openssl/files/patch-ssl-s3_pkt.c Sat May 3 16:24:01 2014 (r352927)
+++ head/security/openssl/files/patch-ssl-s3_pkt.c Sat May 3 16:36:42 2014 (r352928)
@@ -1,13 +1,22 @@
-Index: crypto/openssl/ssl/s3_pkt.c
-===================================================================
---- ssl/s3_pkt.c (revision 264309)
-+++ ssl/s3_pkt.c (working copy)
-@@ -1055,7 +1055,7 @@ start:
- {
- s->rstate=SSL_ST_READ_HEADER;
- rr->off=0;
+--- ssl/s3_pkt.c.orig 2014-03-17 17:14:20.000000000 +0100
++++ ssl/s3_pkt.c 2014-05-03 18:07:28.000000000 +0200
+@@ -657,6 +657,10 @@
+ if (i <= 0)
+ return(i);
+ /* if it went, fall through and send more stuff */
++ /* we may have released our buffer, so get it again */
++ if (wb->buf == NULL)
++ if (!ssl3_setup_write_buffer(s))
++ return -1;
+ }
+
+ if (len == 0 && !create_empty_fragment)
+@@ -1055,7 +1059,7 @@
+ {
+ s->rstate=SSL_ST_READ_HEADER;
+ rr->off=0;
- if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+ if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0)
- ssl3_release_read_buffer(s);
- }
- }
+ ssl3_release_read_buffer(s);
+ }
+ }
More information about the svn-ports-all
mailing list