Date: Mon, 14 Apr 2014 08:40:28 +1000 From: Dewayne Geraghty <dewayne.geraghty@heuristicsystems.com.au> To: freebsd-security@freebsd.org, dinoex@freebsd.org Subject: Re: OpenSSL followup SSL_MODE_RELEASE_BUFFERS Message-ID: <534B125C.90000@heuristicsystems.com.au> In-Reply-To: <alpine.BSF.2.00.1404130957330.17735@pohjola.cksoft.de> References: <alpine.BSF.2.00.1404130957330.17735@pohjola.cksoft.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On 13/04/2014 6:09 PM, Christian Kratzer wrote: > Hi, > > apparentyly openbsd has more or less silently fixed an older openssl > issue that has been stuck in the openssl bug tracker: > > The openbsd patch: > > http://www.openbsd.org/errata55.html#004_openssl > > > http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig > > The original issue: > > > http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse > > Here is the openssl bug: > > http://rt.openssl.org/Ticket/Display.html?id=2167 > > The patch; > > diff -u -p -u -r1.20 -r1.20.4.1 > --- lib/libssl/src/ssl/s3_pkt.c 27 Feb 2014 21:04:57 -0000 1.20 > +++ lib/libssl/src/ssl/s3_pkt.c 12 Apr 2014 17:01:14 -0000 > 1.20.4.1 > @@ -1054,7 +1054,7 @@ start: > { > s->rstate=SSL_ST_READ_HEADER; > rr->off=0; > - if (s->mode & SSL_MODE_RELEASE_BUFFERS) > + if (s->mode & SSL_MODE_RELEASE_BUFFERS && > s->s3->rbuf.left == 0) > ssl3_release_read_buffer(s); > } > } > > Can somebody rattle openssl upstream to get them to comment on this ? > > Should freebsd roll out a patch ? > > Greetings > Christian > Thank-you Dirk for promptly deploying the patch to openssl port: http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191&view=markup Regards, Dewayne
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?534B125C.90000>