- CVE-2006-2940 fix was incorrect (#208744)

2006-10-02 08:37:59 +00:00 · 2006-10-02 08:37:59 +00:00 · 98d8457650
commit 98d8457650
parent 6dc7017559
2 changed files with 5 additions and 2 deletions
--- a/openssl-0.9.8b-cve-2006-2940.patch
+++ b/openssl-0.9.8b-cve-2006-2940.patch
@ -53,7 +53,7 @@ diff -u -r1.24.2.3 dh_key.c
 +	if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
 +		{
 +		DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
-+		goto err;
+		return -1;
 +		}
 +
 	ctx = BN_CTX_new();
--- a/openssl.spec
+++ b/openssl.spec
@ -21,7 +21,7 @@
 Summary: The OpenSSL toolkit
 Name: openssl
 Version: 0.9.8b
-Release: 7
+Release: 8
 Source: openssl-%{version}-usa.tar.bz2
 Source1: hobble-openssl
 Source2: Makefile.certificate
@ -363,6 +363,9 @@ rm -rf $RPM_BUILD_ROOT/%{_bindir}/openssl_fips_fingerprint
 %postun -p /sbin/ldconfig

 %changelog
+* Mon Oct  2 2006 Tomas Mraz <tmraz@redhat.com> 0.9.8b-8
+- CVE-2006-2940 fix was incorrect (#208744)
+
 * Mon Sep 25 2006 Tomas Mraz <tmraz@redhat.com> 0.9.8b-7
 - fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)
 - fix CVE-2006-2940 - parasitic public keys DoS (#207274)