[packages/openssl] - add patch from upstream https://rt.openssl.org/Ticket/Display.html?id=3265 and fix: http://git.

[zawadaa]

commit d9d42adfbd8b87641c95ae4f91c14a8621de0d00
Author: Andrzej Zawadzki <zawadaa at pld-linux.org>
Date:   Mon Apr 28 13:19:42 2014 +0200

    - add patch from upstream
    	https://rt.openssl.org/Ticket/Display.html?id=3265
    	and fix:
    	http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d1f4b0f3d262edf1cf7023a01d5404945035d5

 openssl-fix_use_after_free.patch | 15 +++++++++++++++
 openssl.spec                     |  5 +++++
 2 files changed, 20 insertions(+)
---
diff --git a/openssl.spec b/openssl.spec
index e44f791..f5a0ec0 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -41,6 +41,9 @@ Patch10:	default_bits.patch
 Patch11:	pic.patch
 Patch12:	stddef.patch
 
+# from upstream
+Patch13:	%{name}-fix_use_after_free.patch
+
 URL:		http://www.openssl.org/
 BuildRequires:	bc
 BuildRequires:	perl-devel >= 1:5.6.1
@@ -262,6 +265,8 @@ RC4, RSA и SSL. Включает статические библиотеки д
 %patch11 -p1
 %patch12 -p1
 
+%patch13 -p1
+
 sed -i -e 's|\$prefix/\$libdir/engines|/%{_lib}/engines|g' Configure
 
 %build
diff --git a/openssl-fix_use_after_free.patch b/openssl-fix_use_after_free.patch
new file mode 100644
index 0000000..f00d291
--- /dev/null
+++ b/openssl-fix_use_after_free.patch
@@ -0,0 +1,15 @@
+diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
+index b9e45c7..30b74c2 100644
+--- a/ssl/s3_pkt.c
++++ b/ssl/s3_pkt.c
+@@ -1335,7 +1335,8 @@ start:
+ 				s->rstate=SSL_ST_READ_HEADER;
+ 				rr->off=0;
+ 				if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+-					ssl3_release_read_buffer(s);
++					if (s->s3->rbuf.left == 0) /* no read-ahead left? */
++						ssl3_release_read_buffer(s);
+ 				}
+ 			}
+ 		return(n);
+
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/openssl.git/commitdiff/d9d42adfbd8b87641c95ae4f91c14a8621de0d00