summaryrefslogtreecommitdiffstats
path: root/debian/patches/84_02-CVE-2020-28018-Use-after-free-in-tls-openssl.c.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/84_02-CVE-2020-28018-Use-after-free-in-tls-openssl.c.patch')
-rw-r--r--debian/patches/84_02-CVE-2020-28018-Use-after-free-in-tls-openssl.c.patch33
1 files changed, 33 insertions, 0 deletions
diff --git a/debian/patches/84_02-CVE-2020-28018-Use-after-free-in-tls-openssl.c.patch b/debian/patches/84_02-CVE-2020-28018-Use-after-free-in-tls-openssl.c.patch
new file mode 100644
index 0000000..3a488b3
--- /dev/null
+++ b/debian/patches/84_02-CVE-2020-28018-Use-after-free-in-tls-openssl.c.patch
@@ -0,0 +1,33 @@
+From 86cafc842feb6223476568921c2d3e06c706cc31 Mon Sep 17 00:00:00 2001
+From: Qualys Security Advisory <qsa@qualys.com>
+Date: Sun, 21 Feb 2021 19:05:56 -0800
+Subject: [PATCH 02/29] CVE-2020-28018: Use-after-free in tls-openssl.c
+
+---
+ src/tls-openssl.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/src/tls-openssl.c b/src/tls-openssl.c
+index e751edd9a..2a8d4cabd 100644
+--- a/src/tls-openssl.c
++++ b/src/tls-openssl.c
+@@ -2910,16 +2910,12 @@ a store reset there, so use POOL_PERM. */
+
+ if (!ct_ctx && (more || corked))
+ {
+-#ifdef EXPERIMENTAL_PIPE_CONNECT
+ int save_pool = store_pool;
+ store_pool = POOL_PERM;
+-#endif
+
+ corked = string_catn(corked, buff, len);
+
+-#ifdef EXPERIMENTAL_PIPE_CONNECT
+ store_pool = save_pool;
+-#endif
+
+ if (more)
+ {
+--
+2.30.2
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-21 15:46:49 +0000