diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 00:47:27 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 00:47:27 +0000 |
| commit | d5eb37dd4a5a433c40c3c1e7ead424add62663f8 (patch) | |
| tree | 6a18289cb463d11227d1fa4c990548e50a09d917 /debian/patches/84_02-CVE-2020-28018-Use-after-free-in-tls-openssl.c.patch | |
| parent | Adding upstream version 4.92. (diff) | |
| download | exim4-debian.tar.xz exim4-debian.zip | |
Adding debian version 4.92-8+deb10u6.debian/4.92-8+deb10u6debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/84_02-CVE-2020-28018-Use-after-free-in-tls-openssl.c.patch')
| -rw-r--r-- | debian/patches/84_02-CVE-2020-28018-Use-after-free-in-tls-openssl.c.patch | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/debian/patches/84_02-CVE-2020-28018-Use-after-free-in-tls-openssl.c.patch b/debian/patches/84_02-CVE-2020-28018-Use-after-free-in-tls-openssl.c.patch new file mode 100644 index 0000000..3a488b3 --- /dev/null +++ b/debian/patches/84_02-CVE-2020-28018-Use-after-free-in-tls-openssl.c.patch @@ -0,0 +1,33 @@ +From 86cafc842feb6223476568921c2d3e06c706cc31 Mon Sep 17 00:00:00 2001 +From: Qualys Security Advisory <qsa@qualys.com> +Date: Sun, 21 Feb 2021 19:05:56 -0800 +Subject: [PATCH 02/29] CVE-2020-28018: Use-after-free in tls-openssl.c + +--- + src/tls-openssl.c | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/src/tls-openssl.c b/src/tls-openssl.c +index e751edd9a..2a8d4cabd 100644 +--- a/src/tls-openssl.c ++++ b/src/tls-openssl.c +@@ -2910,16 +2910,12 @@ a store reset there, so use POOL_PERM. */ + + if (!ct_ctx && (more || corked)) + { +-#ifdef EXPERIMENTAL_PIPE_CONNECT + int save_pool = store_pool; + store_pool = POOL_PERM; +-#endif + + corked = string_catn(corked, buff, len); + +-#ifdef EXPERIMENTAL_PIPE_CONNECT + store_pool = save_pool; +-#endif + + if (more) + { +-- +2.30.2 + |