diff options
Diffstat (limited to 'meta/recipes-support/gnutls/gnutls/eliminated-double-free-CVE-2015-3308.patch')
-rw-r--r-- | meta/recipes-support/gnutls/gnutls/eliminated-double-free-CVE-2015-3308.patch | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/meta/recipes-support/gnutls/gnutls/eliminated-double-free-CVE-2015-3308.patch b/meta/recipes-support/gnutls/gnutls/eliminated-double-free-CVE-2015-3308.patch new file mode 100644 index 0000000000..628103ff6b --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/eliminated-double-free-CVE-2015-3308.patch | |||
@@ -0,0 +1,33 @@ | |||
1 | From d6972be33264ecc49a86cd0958209cd7363af1e9 Mon Sep 17 00:00:00 2001 | ||
2 | From: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||
3 | Date: Mon, 23 Mar 2015 22:55:29 +0100 | ||
4 | Subject: [PATCH] eliminated double-free in the parsing of dist points | ||
5 | MIME-Version: 1.0 | ||
6 | Content-Type: text/plain; charset=UTF-8 | ||
7 | Content-Transfer-Encoding: 8bit | ||
8 | |||
9 | Reported by Robert Święcki. | ||
10 | |||
11 | Fixes CVE-2015-3308 | ||
12 | Upstream-Status: Backport | ||
13 | |||
14 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
15 | --- | ||
16 | lib/x509/x509_ext.c | 1 - | ||
17 | 1 file changed, 1 deletion(-) | ||
18 | |||
19 | diff --git a/lib/x509/x509_ext.c b/lib/x509/x509_ext.c | ||
20 | index c8d5867..6f09438 100644 | ||
21 | --- a/lib/x509/x509_ext.c | ||
22 | +++ b/lib/x509/x509_ext.c | ||
23 | @@ -2360,7 +2360,6 @@ int gnutls_x509_ext_import_crl_dist_points(const gnutls_datum_t * ext, | ||
24 | |||
25 | if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { | ||
26 | gnutls_assert(); | ||
27 | - gnutls_free(san.data); | ||
28 | goto cleanup; | ||
29 | } | ||
30 | |||
31 | -- | ||
32 | 1.9.1 | ||
33 | |||