[openssl.org #247] Openssl fix
Please obtain OpenSSL 0.9.6g. OpenSSL 0.9.6d was the last version __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: [openssl.org #247] Openssl fix
I'm not sure I understand your question. The openssl version is: version 0.9.6d Jeff Turner Network Manager North Florida Community College (850) 973-9495 [EMAIL PROTECTED] -Original Message- From: Lutz Jaenicke via RT [mailto:[EMAIL PROTECTED]] Sent: Saturday, August 24, 2002 4:12 PM To: Turner, Jeff Cc: [EMAIL PROTECTED] Subject: [openssl.org #247] Openssl fix [[EMAIL PROTECTED] - Sat Aug 24 22:00:31 2002]: How do I apply the following fix to openssl version 0.9.6d? What version of OpenSSL is the information aimed at? Best regards, __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #247] Openssl fix
How do I apply the following fix to openssl version 0.9.6d? Invalid ASN1 DSA parameter sequences cause d2i_DSAparams() to free a data pointer twice, leading to the usual boring chaos. Fix is appended below. This same bug appears in the following functions (same fix): d2i_DHparams() d2i_RSAPrivateKey() d2i_DSA_SIG() Glad to see Rijndael and OCSP in the latest snapshots. -- Ken Lalonde, Torus Inc, Toronto Canada diff -c -r1.1 d2i_dsap.c *** d2i_dsap.c 2000/11/15 19:56:58 1.1 --- d2i_dsap.c 2000/11/15 19:57:02 *** *** 84,89 --- 84,90 if ((ret-g=BN_bin2bn(bs-data,bs-length,ret-g)) == NULL) goto err_bn; M_ASN1_BIT_STRING_free(bs); + bs = NULL; M_ASN1_D2I_Finish_2(a); Jeff Turner [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]