On 12.03.2014 14:55, Dr Stephen Henson wrote: > On 12/03/2014 12:29, Rainer Jung wrote: >> On 12.03.2014 11:37, Jim Jagielski wrote: >>> At the very least, upgrading from 2.4.7 to 2.4.8 should not >>> cause this much pain. I will let the vote run a bit more to >>> gauge additional feedback, but my sense says that 2.4.8 >>> will likely be revoked/dropped and 2.4.9 will be proposed >>> which either (1) removes r1573360 or (2) fixes this bug. >> >> Agreed, if it were only about 1.0.1e vs. 1.0.1f it would be not that big >> an issue but since all Major versions seem to show the behavior and >> there's no easy workaround for 0.9.8 except upgrading to 1.x, I'd say we >> should implement the workaround suggested by Steve. >> > > Applied to trunk as r1576741. I've tried to keep the changes to the absolute > minimum. > > I've tested OpenSSL 0.9.8y without this change and can reproduce the crash. It > doesn't crash with this fix.
OK, saw that message to late, functionaly equivalent with what I tried (and you proposed). So agreed, this fixes it. Rainer
