← Back to branch summary

~ubuntu-branches/ubuntu/lucid/openssl/lucid-proposed

« back to all changes in this revision

Viewing changes to debian/patches/CVE-2009-1378.patch

  • Committer: Bazaar Package Importer
  • Author(s): Nicolas Valcárcel Scerpella (Canonical)
  • Date: 2009-12-06 20:16:24 UTC
  • mfrom: (11.1.9 sid)
  • Revision ID: james.westby@ubuntu.com-20091206201624-u126qjpqm2n2uuhu
Tags: 0.9.8k-7ubuntu1
https://launchpad.net/bugs/493392
* Merge from debian unstable, remaining changes (LP: #493392):
  - Link using -Bsymbolic-functions
  - Add support for lpia
  - Disable SSLv2 during compile
  - Ship documentation in openssl-doc, suggested by the package.
  - Use a different priority for libssl0.9.8/restart-services
    depending on whether a desktop, or server dist-upgrade is being
    performed.
  - Display a system restart required notification bubble on libssl0.9.8
    upgrade.
  - Replace duplicate files in the doc directory with symlinks.
  - Move runtime libraries to /lib, for the benefit of wpasupplicant
* Strip the patches out of the source into quilt patches
* Disable CVE-2009-3555.patch

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/CVE-2009-1378.patch
 
1
Index: openssl-0.9.8k/ssl/d1_both.c
 
2
===================================================================
 
3
--- openssl-0.9.8k.orig/ssl/d1_both.c   2007-10-17 23:17:49.000000000 +0200
 
4
+++ openssl-0.9.8k/ssl/d1_both.c        2009-07-19 11:37:44.000000000 +0200
 
5
@@ -561,7 +561,16 @@
 
6
        if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
 
7
                goto err;
 
8
 
 
9
-       if (msg_hdr->seq <= s->d1->handshake_read_seq)
 
10
+       /* Try to find item in queue, to prevent duplicate entries */
 
11
+       pq_64bit_init(&seq64);
 
12
+       pq_64bit_assign_word(&seq64, msg_hdr->seq);
 
13
+       item = pqueue_find(s->d1->buffered_messages, seq64);
 
14
+       pq_64bit_free(&seq64);
 
15
+       
 
16
+       /* Discard the message if sequence number was already there, is
 
17
+        * too far in the future or the fragment is already in the queue */
 
18
+       if (msg_hdr->seq <= s->d1->handshake_read_seq ||
 
19
+               msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL)
 
20
                {
 
21
                unsigned char devnull [256];
 
22