Source-Changes-HG archive
[src/trunk]: src/crypto/external/bsd/openssl/dist/ssl Apply patchset 19476 fr...
details: https://anonhg.NetBSD.org/src/rev/4e3056f4cd6d
branches: trunk
changeset: 753429:4e3056f4cd6d
user: bouyer <bouyer%NetBSD.org@localhost>
date: Sun Mar 28 11:32:29 2010 +0000
description:
Apply patchset 19476 from openssl repository, fixing CVE-2010-0740.
from http://www.openssl.org/news/secadv_20100324.txt:
"In TLS connections, certain incorrectly formatted records can cause an OpenSSL
client or server to crash due to a read attempt at NULL".
diffstat:
crypto/external/bsd/openssl/dist/ssl/s3_pkt.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diffs (16 lines):
diff -r 4d7704657e9b -r 4e3056f4cd6d crypto/external/bsd/openssl/dist/ssl/s3_pkt.c
--- a/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c Sun Mar 28 07:31:59 2010 +0000
+++ b/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c Sun Mar 28 11:32:29 2010 +0000
@@ -337,9 +337,9 @@
if (version != s->version)
{
SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
- /* Send back error using their
- * version number :-) */
- s->version=version;
+ if ((s->version & 0xFF00) == (version & 0xFF00))
+ /* Send back error using their minor version number :-) */
+ s->version = (unsigned short)version;
al=SSL_AD_PROTOCOL_VERSION;
goto f_err;
}
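Review bot: the new `if ((s->version & 0xFF00) == (version & 0xFF00))` is unbraced and has a comment line between the condition and its one-statement body, which makes it easy to misread what is guarded. Only the `s->version = (unsigned short)version;` assignment is conditional; `al=SSL_AD_PROTOCOL_VERSION;` and `goto f_err;` still run in both cases. Suggest putting braces around the body and extending the comment to say why the peer's version is adopted only when the major byte matches and what happens otherwise (the alert goes out with `s->version` unchanged). The commit message ties the change to a NULL read crash, but nothing in the code records that reason, and the bare `0xFF00` mask would read better as a named major-version mask.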