From owner-svn-ports-head@FreeBSD.ORG Sun Apr 13 08:40:14 2014 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 96255CDA; Sun, 13 Apr 2014 08:40:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8332716D1; Sun, 13 Apr 2014 08:40:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3D8eErR031493; Sun, 13 Apr 2014 08:40:14 GMT (envelope-from dinoex@svn.freebsd.org) Received: (from dinoex@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3D8eE1X031490; Sun, 13 Apr 2014 08:40:14 GMT (envelope-from dinoex@svn.freebsd.org) Message-Id: <201404130840.s3D8eE1X031490@svn.freebsd.org> From: Dirk Meyer Date: Sun, 13 Apr 2014 08:40:14 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r351191 - in head/security/openssl: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Apr 2014 08:40:14 -0000 Author: dinoex Date: Sun Apr 13 08:40:13 2014 New Revision: 351191 URL: http://svnweb.freebsd.org/changeset/ports/351191 QAT: https://qat.redports.org/buildarchive/r351191/ Log: - fix a 4 year old "use-after-free" problem https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/008_openssl.patch Obtained from: OpenBSD Added: head/security/openssl/files/patch-ssl-s3_pkt.c (contents, props changed) Modified: head/security/openssl/Makefile Modified: head/security/openssl/Makefile ============================================================================== --- head/security/openssl/Makefile Sun Apr 13 08:34:32 2014 (r351190) +++ head/security/openssl/Makefile Sun Apr 13 08:40:13 2014 (r351191) @@ -4,7 +4,7 @@ PORTNAME= openssl PORTVERSION= 1.0.1 DISTVERSIONSUFFIX= g -PORTREVISION= 10 +PORTREVISION= 11 CATEGORIES= security devel MASTER_SITES= http://www.openssl.org/%SUBDIR%/ \ ftp://ftp.openssl.org/%SUBDIR%/ \ Added: head/security/openssl/files/patch-ssl-s3_pkt.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/files/patch-ssl-s3_pkt.c Sun Apr 13 08:40:13 2014 (r351191) @@ -0,0 +1,13 @@ +Index: crypto/openssl/ssl/s3_pkt.c +=================================================================== +--- ssl/s3_pkt.c (revision 264309) ++++ ssl/s3_pkt.c (working copy) +@@ -1055,7 +1055,7 @@ start: + { + s->rstate=SSL_ST_READ_HEADER; + rr->off=0; +- if (s->mode & SSL_MODE_RELEASE_BUFFERS) ++ if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0) + ssl3_release_read_buffer(s); + } + }