CVSROOT: /cvs Module name: src Changes by: guent...@cvs.openbsd.org 2014/08/07 23:06:56
Modified files:
lib/libssl/src/ssl: d1_both.c
Log message:
Fix CVE-2014-3507, avoid allocating and then leaking a fresh fragment
structure when a zero-length fragment is received.
Based on
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d0a4b7d1a2948fce38515b8d862f43e7ba0ebf74
diff by miod@, ok guenther@ bcook@ deraadt@
