main/openssl: fix double free. cve-2010-2939

(cherry picked from commit 928dd04996fb7ede6cbd646c1e48222910b07ff8)

2 files changed, 16 insertions, 2 deletions

diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index b7d334bb89..5f5399d718 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=openssl
 pkgver=1.0.0a
-pkgrel=3
+pkgrel=4
 pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
 url="http://openssl.org"
 depends=
@@ -19,6 +19,7 @@ source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
         0003-engines-e_padlock-backport-cvs-head-changes.patch
         0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
         0005-crypto-engine-autoload-padlock-dynamic-engine.patch
+        cve-2010-2939.patch
         "
 
 _builddir="$srcdir"/$pkgname-$pkgver
@@ -74,4 +75,5 @@ c6a9857a5dbd30cead0404aa7dd73977  openssl-bb-basename.patch
 5ba830cf1e828192c8c40023dc92917d  0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch
 53fbd01733b488717575e04a5aaf6664  0003-engines-e_padlock-backport-cvs-head-changes.patch
 beea8819faeefb9ab19ef90f00c53782  0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
-8bc7a427f6005158585386b9837f700c  0005-crypto-engine-autoload-padlock-dynamic-engine.patch"
+8bc7a427f6005158585386b9837f700c  0005-crypto-engine-autoload-padlock-dynamic-engine.patch
+6fae2ff07483b001249c1944e5e14a1d  cve-2010-2939.patch"
diff --git a/main/openssl/cve-2010-2939.patch b/main/openssl/cve-2010-2939.patch
new file mode 100644
index 0000000000..29b5f844f2
--- /dev/null
+++ b/main/openssl/cve-2010-2939.patch
@@ -0,0 +1,12 @@
+http://bugs.gentoo.org/332027
+
+--- a/ssl/s3_clnt.c
++++ b/ssl/s3_clnt.c
+@@ -1508,6 +1508,7 @@
+                s->session->sess_cert->peer_ecdh_tmp=ecdh;
+                ecdh=NULL;
+                BN_CTX_free(bn_ctx);
++               bn_ctx = NULL;
+                EC_POINT_free(srvr_ecpoint);
+                srvr_ecpoint = NULL;
+                }