CVSROOT:        /cvs
Module name:    src
Changes by:     t...@cvs.openbsd.org    2021/03/15 09:59:05

Modified files:
        lib/libssl     : Tag: OPENBSD_6_8 s3_lib.c ssl_lib.c 

Log message:
Don't leave stale sequence numbers behind in ssl3_clear()

A TLS client doing session reuse in a certain way could run into
a use-after-free. Set the sequence numbers inside ssl3_clear() to
make sure this points at valid memory and do the initialization of
the record layer a bit earlier so that this works as desired.
Additionally, explicitly clear the sequence numbers in ssl3_free()
which would have turned the use-after-free into a NULL dereference.

Issue reported by Ilya Chipitsine.

Fix from jsing

This is errata/6.8/017_libssl.patch.sig
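The pattern the log message describes, as an added illustration that is not the OpenBSD fix and uses none of libssl's real names or layout: a connection caches pointers to sequence numbers that live inside a record-layer object; a "clear" that tears down and recreates that object without rebinding the pointers leaves them dangling, while the corrected clear rebinds them and the corrected free nulls them. The struct names, the static slot pool standing in for the heap, and the helper functions are all hypothetical.

```c
#include <stdint.h>
#include <string.h>

#define SEQ_LEN    8
#define POOL_SLOTS 8
#define POISON     0xdf

/* Record-layer state owning the sequence numbers (hypothetical layout). */
struct record_layer {
    int live;
    uint8_t read_seq[SEQ_LEN];
    uint8_t write_seq[SEQ_LEN];
};

/* A small static pool stands in for malloc()/free() so a released slot can
 * be poisoned and inspected without undefined behaviour. Slots are handed
 * out round-robin so a recreated record layer lands in different memory,
 * as a real allocator often does. */
static struct record_layer pool[POOL_SLOTS];
static int next_slot;

static struct record_layer *rl_new(void) {
    for (int n = 0; n < POOL_SLOTS; n++) {
        int i = (next_slot + n) % POOL_SLOTS;
        if (!pool[i].live) {
            memset(&pool[i], 0, sizeof pool[i]);
            pool[i].live = 1;
            next_slot = (i + 1) % POOL_SLOTS;
            return &pool[i];
        }
    }
    return NULL;
}

static void rl_free(struct record_layer *rl) {
    if (rl == NULL)
        return;
    memset(rl, POISON, sizeof *rl);   /* "freed" memory now holds garbage */
    rl->live = 0;
}

struct conn {
    struct record_layer *rl;
    uint8_t *read_seq;    /* cached pointers into rl, used by record code */
    uint8_t *write_seq;
};

void conn_init(struct conn *c) {
    c->rl = rl_new();
    c->read_seq = c->rl->read_seq;
    c->write_seq = c->rl->write_seq;
}

/* Stale variant: the record layer is torn down and recreated, but the
 * cached pointers still refer to the released slot. */
void conn_clear_stale(struct conn *c) {
    rl_free(c->rl);
    c->rl = rl_new();
}

/* Fixed variant: recreate the record layer first, then rebind the pointers
 * so they refer to valid memory before any record is processed. */
void conn_clear_fixed(struct conn *c) {
    rl_free(c->rl);
    c->rl = rl_new();
    c->read_seq = c->rl->read_seq;
    c->write_seq = c->rl->write_seq;
}

/* Fixed free: null the pointers too, so a later mistaken use becomes a
 * NULL dereference instead of a silent write into released memory. */
void conn_free(struct conn *c) {
    rl_free(c->rl);
    c->rl = NULL;
    c->read_seq = NULL;
    c->write_seq = NULL;
}

/* Big-endian increment through the cached pointer, as a record layer would
 * do after each record. */
void seq_increment(uint8_t *seq) {
    for (int i = SEQ_LEN - 1; i >= 0; i--)
        if (++seq[i] != 0)
            break;
}

/* Invariant to check after clear/free: the cached pointers refer into the
 * live record layer, or are NULL once it is gone. */
int conn_seq_valid(const struct conn *c) {
    if (c->rl == NULL)
        return c->read_seq == NULL && c->write_seq == NULL;
    return c->rl->live && c->read_seq == c->rl->read_seq &&
           c->write_seq == c->rl->write_seq;
}

/* Did an increment through the cached pointer reach the live record layer? */
int conn_live_write_seq_is_zero(const struct conn *c) {
    for (int i = 0; i < SEQ_LEN; i++)
        if (c->rl->write_seq[i] != 0)
            return 0;
    return 1;
}
```

After `conn_clear_stale()`, `conn_seq_valid()` reports the pointers as invalid and an increment through them lands in the released slot while the live sequence number stays at zero; after `conn_clear_fixed()` the same increment reaches the live record layer. The invariant check is the kind of assertion worth keeping in a debug build wherever an object caches pointers into state that can be recreated underneath it.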