summaryrefslogtreecommitdiffstats
path: root/crypto/openssl
diff options
context:
space:
mode:
authordelphij <delphij@FreeBSD.org>2014-04-30 04:03:05 +0000
committerdelphij <delphij@FreeBSD.org>2014-04-30 04:03:05 +0000
commitacd73984630e6a51a8052a175ac5f2f1c5dfd085 (patch)
treec2e87c5609de4037ca9af52f1c2a4c50c4c7b4ec /crypto/openssl
parent65035c2d373a589bbcff4d0443d3615d615ccd9d (diff)
downloadFreeBSD-src-acd73984630e6a51a8052a175ac5f2f1c5dfd085.zip
FreeBSD-src-acd73984630e6a51a8052a175ac5f2f1c5dfd085.tar.gz
Fix devfs rules not applied by default for jails.
Fix OpenSSL use-after-free vulnerability. Fix TCP reassembly vulnerability. Security: FreeBSD-SA-14:07.devfs Security: CVE-2014-3001 Security: FreeBSD-SA-14:08.tcp Security: CVE-2014-3000 Security: FreeBSD-SA-14:09.openssl Security: CVE-2010-5298
Diffstat (limited to 'crypto/openssl')
-rw-r--r--crypto/openssl/ssl/s3_pkt.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/openssl/ssl/s3_pkt.c b/crypto/openssl/ssl/s3_pkt.c
index 96ba632..8deeab3 100644
--- a/crypto/openssl/ssl/s3_pkt.c
+++ b/crypto/openssl/ssl/s3_pkt.c
@@ -1055,7 +1055,7 @@ start:
{
s->rstate=SSL_ST_READ_HEADER;
rr->off=0;
- if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+ if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0)
ssl3_release_read_buffer(s);
}
}
OpenPOWER on IntegriCloud