diff -up openssl-1.0.1/apps/s_client.c.backport openssl-1.0.1/apps/s_client.c
--- openssl-1.0.1/apps/s_client.c.backport	2012-03-14 21:15:04.736897459 +0100
+++ openssl-1.0.1/apps/s_client.c	2012-04-05 19:48:40.469998965 +0200
@@ -622,13 +622,7 @@ int MAIN(int argc, char **argv)
 	SRP_ARG srp_arg = {NULL,NULL,0,0,0,1024};
 #endif
 
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
 	meth=SSLv23_client_method();
-#elif !defined(OPENSSL_NO_SSL3)
-	meth=SSLv3_client_method();
-#elif !defined(OPENSSL_NO_SSL2)
-	meth=SSLv2_client_method();
-#endif
 
 	apps_startup();
 	c_Pause=0;
diff -up openssl-1.0.1/apps/s_server.c.backport openssl-1.0.1/apps/s_server.c
--- openssl-1.0.1/apps/s_server.c.backport	2012-03-14 21:15:04.690896516 +0100
+++ openssl-1.0.1/apps/s_server.c	2012-04-05 19:48:40.474999072 +0200
@@ -969,17 +969,7 @@ int MAIN(int argc, char *argv[])
 	char *srpuserseed = NULL;
 	char *srp_verifier_file = NULL;
 #endif
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
 	meth=SSLv23_server_method();
-#elif !defined(OPENSSL_NO_SSL3)
-	meth=SSLv3_server_method();
-#elif !defined(OPENSSL_NO_SSL2)
-	meth=SSLv2_server_method();
-#elif !defined(OPENSSL_NO_TLS1)
-	meth=TLSv1_server_method();
-#else
-  /*  #error no SSL version enabled */
-#endif
 
 	local_argc=argc;
 	local_argv=argv;
diff -up openssl-1.0.1/crypto/aes/asm/aes-armv4.pl.backport openssl-1.0.1/crypto/aes/asm/aes-armv4.pl
--- openssl-1.0.1/crypto/aes/asm/aes-armv4.pl.backport	2012-03-14 21:15:04.777898297 +0100
+++ openssl-1.0.1/crypto/aes/asm/aes-armv4.pl	2012-04-05 19:51:35.555528155 +0200
@@ -408,6 +408,7 @@ _armv4_AES_encrypt:
 .type   private_AES_set_encrypt_key,%function
 .align	5
 private_AES_set_encrypt_key:
+_armv4_AES_set_encrypt_key:
 	sub	r3,pc,#8		@ AES_set_encrypt_key
 	teq	r0,#0
 	moveq	r0,#-1
@@ -425,7 +426,7 @@ private_AES_set_encrypt_key:
 	bne	.Labrt
 
 .Lok:	stmdb   sp!,{r4-r12,lr}
-	sub	$tbl,r3,#private_AES_set_encrypt_key-AES_Te-1024	@ Te4
+	sub	$tbl,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024	@ Te4
 
 	mov	$rounds,r0		@ inp
 	mov	lr,r1			@ bits
@@ -685,7 +686,7 @@ private_AES_set_encrypt_key:
 .align	5
 private_AES_set_decrypt_key:
 	str	lr,[sp,#-4]!            @ push lr
-	bl	private_AES_set_encrypt_key
+	bl	_armv4_AES_set_encrypt_key
 	teq	r0,#0
 	ldrne	lr,[sp],#4              @ pop lr
 	bne	.Labrt
diff -up openssl-1.0.1/crypto/aes/asm/aes-s390x.pl.backport openssl-1.0.1/crypto/aes/asm/aes-s390x.pl
--- openssl-1.0.1/crypto/aes/asm/aes-s390x.pl.backport	2012-03-14 21:15:04.782898400 +0100
+++ openssl-1.0.1/crypto/aes/asm/aes-s390x.pl	2012-04-05 19:50:41.290593267 +0200
@@ -783,6 +783,7 @@ $code.=<<___;
 .type	private_AES_set_encrypt_key,\@function
 .align	16
 private_AES_set_encrypt_key:
+_s390x_AES_set_encrypt_key:
 	lghi	$t0,0
 	cl${g}r	$inp,$t0
 	je	.Lminus1
@@ -1068,7 +1069,7 @@ $code.=<<___;
 private_AES_set_decrypt_key:
 	st${g}	$key,4*$SIZE_T($sp)	# I rely on AES_set_encrypt_key to
 	st${g}	$ra,14*$SIZE_T($sp)	# save non-volatile registers!
-	bras	$ra,AES_set_encrypt_key
+	bras	$ra,_s390x_AES_set_encrypt_key
 	l${g}	$key,4*$SIZE_T($sp)
 	l${g}	$ra,14*$SIZE_T($sp)
 	ltgr	%r2,%r2
diff -up openssl-1.0.1/crypto/aes/asm/vpaes-x86_64.pl.backport openssl-1.0.1/crypto/aes/asm/vpaes-x86_64.pl
--- openssl-1.0.1/crypto/aes/asm/vpaes-x86_64.pl.backport	2012-03-14 21:15:04.777898297 +0100
+++ openssl-1.0.1/crypto/aes/asm/vpaes-x86_64.pl	2012-04-05 19:48:22.036603157 +0200
@@ -263,7 +263,7 @@ _vpaes_decrypt_core:
 	pshufb  %xmm2,  %xmm4	# 4 = sbou
 	pxor	%xmm0,  %xmm4	# 4 = sb1u + k
 	movdqa	0x70(%r10), %xmm0	# 0 : sbot
-	movdqa	.Lk_sr-.Lk_dsbd(%r11), %xmm2
+	movdqa	-0x160(%r11), %xmm2	# .Lk_sr-.Lk_dsbd=-0x160
 	pshufb  %xmm3,	%xmm0	# 0 = sb1t
 	pxor	%xmm4,	%xmm0	# 0 = A
 	pshufb	%xmm2,	%xmm0
@@ -869,6 +869,8 @@ ${PREFIX}_cbc_encrypt:
 ___
 ($len,$key)=($key,$len);
 $code.=<<___;
+	sub	\$16,$len
+	jc	.Lcbc_abort
 ___
 $code.=<<___ if ($win64);
 	lea	-0xb8(%rsp),%rsp
@@ -887,7 +889,6 @@ ___
 $code.=<<___;
 	movdqu	($ivp),%xmm6		# load IV
 	sub	$inp,$out
-	sub	\$16,$len
 	call	_vpaes_preheat
 	cmp	\$0,${enc}d
 	je	.Lcbc_dec_loop
@@ -932,6 +933,7 @@ $code.=<<___ if ($win64);
 .Lcbc_epilogue:
 ___
 $code.=<<___;
+.Lcbc_abort:
 	ret
 .size	${PREFIX}_cbc_encrypt,.-${PREFIX}_cbc_encrypt
 ___
diff -up openssl-1.0.1/crypto/aes/asm/vpaes-x86.pl.backport openssl-1.0.1/crypto/aes/asm/vpaes-x86.pl
--- openssl-1.0.1/crypto/aes/asm/vpaes-x86.pl.backport	2012-03-14 21:15:04.775898257 +0100
+++ openssl-1.0.1/crypto/aes/asm/vpaes-x86.pl	2012-04-05 19:48:22.036603157 +0200
@@ -843,6 +843,8 @@ $k_dsbo=0x2c0;		# decryption sbox final
 	&mov	($out,&wparam(1));		# out
 	&mov	($round,&wparam(2));		# len
 	&mov	($key,&wparam(3));		# key
+	&sub	($round,16);
+	&jc	(&label("cbc_abort"));
 	&lea	($base,&DWP(-56,"esp"));
 	&mov	($const,&wparam(4));		# ivp
 	&and	($base,-16);
@@ -853,7 +855,6 @@ $k_dsbo=0x2c0;		# decryption sbox final
 	&mov	(&DWP(48,"esp"),$base);
 
 	&mov	(&DWP(0,"esp"),$out);		# save out
-	&sub	($round,16);
 	&mov	(&DWP(4,"esp"),$key)		# save key
 	&mov	(&DWP(8,"esp"),$const);		# save ivp
 	&mov	($out,$round);			# $out works as $len
@@ -896,6 +897,7 @@ $k_dsbo=0x2c0;		# decryption sbox final
 	&mov	($base,&DWP(8,"esp"));		# restore ivp
 	&mov	("esp",&DWP(48,"esp"));
 	&movdqu	(&QWP(0,$base),"xmm1");		# write IV
+&set_label("cbc_abort");
 &function_end("${PREFIX}_cbc_encrypt");
 
 &asm_finish();
diff -up openssl-1.0.1/crypto/evp/p5_crpt.c.backport openssl-1.0.1/crypto/evp/p5_crpt.c
--- openssl-1.0.1/crypto/evp/p5_crpt.c.backport	2011-06-03 22:52:57.000000000 +0200
+++ openssl-1.0.1/crypto/evp/p5_crpt.c	2012-04-05 19:49:01.512450795 +0200
@@ -138,5 +138,6 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *c
 	OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
 	rv = 1;
 	err:
+	EVP_MD_CTX_cleanup(&ctx);
 	return rv;
 }
diff -up openssl-1.0.1/crypto/pkcs7/pk7_doit.c.backport openssl-1.0.1/crypto/pkcs7/pk7_doit.c
--- openssl-1.0.1/crypto/pkcs7/pk7_doit.c.backport	2012-03-12 17:27:50.000000000 +0100
+++ openssl-1.0.1/crypto/pkcs7/pk7_doit.c	2012-04-05 19:49:40.591289911 +0200
@@ -430,6 +430,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
 	STACK_OF(X509_ALGOR) *md_sk=NULL;
 	STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
 	PKCS7_RECIP_INFO *ri=NULL;
+       unsigned char *ek = NULL, *tkey = NULL;
+       int eklen = 0, tkeylen = 0;
 
 	i=OBJ_obj2nid(p7->type);
 	p7->state=PKCS7_S_HEADER;
@@ -507,8 +509,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
 		int max;
 		X509_OBJECT ret;
 #endif
-		unsigned char *ek = NULL, *tkey = NULL;
-		int eklen, tkeylen;
 
 		if ((etmp=BIO_new(BIO_f_cipher())) == NULL)
 			{
@@ -609,11 +609,13 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
 			{
 			OPENSSL_cleanse(ek,eklen);
 			OPENSSL_free(ek);
+                       ek = NULL;
 			}
 		if (tkey)
 			{
 			OPENSSL_cleanse(tkey,tkeylen);
 			OPENSSL_free(tkey);
+                       tkey = NULL;
 			}
 
 		if (out == NULL)
@@ -656,6 +658,16 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
 	if (0)
 		{
 err:
+               if (ek)
+                       {
+                       OPENSSL_cleanse(ek,eklen);
+                       OPENSSL_free(ek);
+                       }
+               if (tkey)
+                       {
+                       OPENSSL_cleanse(tkey,tkeylen);
+                       OPENSSL_free(tkey);
+                       }
 		if (out != NULL) BIO_free_all(out);
 		if (btmp != NULL) BIO_free_all(btmp);
 		if (etmp != NULL) BIO_free_all(etmp);
diff -up openssl-1.0.1/ssl/d1_srvr.c.backport openssl-1.0.1/ssl/d1_srvr.c
--- openssl-1.0.1/ssl/d1_srvr.c.backport	2012-03-06 14:24:16.000000000 +0100
+++ openssl-1.0.1/ssl/d1_srvr.c	2012-04-05 19:47:36.812632091 +0200
@@ -920,7 +920,7 @@ int dtls1_send_server_hello(SSL *s)
 		p=s->s3->server_random;
 		Time=(unsigned long)time(NULL);			/* Time */
 		l2n(Time,p);
-		RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+		RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);
 		/* Do the message type and length last */
 		d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);