OpenBSD 5.4 errata 8, Apr 12, 2014: A use-after-free race condition
in OpenSSL's read buffer may permit an attacker to inject data from
one connection into another.
The advice in the previous OpenSSL errata also applies.
Apply patch using:

    cat 008_openssl.patch | (cd /usr/src && patch -p0)

Then build and install libssl

    cd /usr/src/lib/libssl/ssl
    make obj
    make
    make install

Also recompile any statically-linked binaries depending on it - in
the base OS, this is just ftp(1):

    cd /usr/src/usr.bin/ftp
    make obj
    make clean
    make
    make install

Then restart services which depend on SSL.

Index: lib/libssl/src/ssl/s3_pkt.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/ssl/s3_pkt.c,v
retrieving revision 1.19
retrieving revision 1.19.4.1
diff -u -p -u -r1.19 -r1.19.4.1
--- lib/libssl/src/ssl/s3_pkt.c 14 Feb 2013 15:11:43 -0000 1.19
+++ lib/libssl/src/ssl/s3_pkt.c 12 Apr 2014 17:00:53 -0000 1.19.4.1
@@ -1054,7 +1054,7 @@ start:
{
s->rstate=SSL_ST_READ_HEADER;
rr->off=0;
- if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+ if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0)
ssl3_release_read_buffer(s);
}
}
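
Review bot: The new condition on the `+` line mixes `&` and `&&` without parentheses and carries no comment explaining the added `s->s3->rbuf.left == 0` test. It parses as intended, because `&` binds tighter than `&&` in C, but writing it as `(s->mode & SSL_MODE_RELEASE_BUFFERS) && s->s3->rbuf.left == 0` would remove any doubt for the next reader and silence compiler warnings about unparenthesized bitwise operands. A one-line comment above the `if` stating that the read buffer must not be released while `rbuf.left` still counts unconsumed bytes would document why the guard exists and make it harder to drop in a later cleanup.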