diff --git a/openssl-0.9.8b-aliasing-bug.patch b/openssl-0.9.8b-aliasing-bug.patch new file mode 100644 index 0000000..8d3b36a --- /dev/null +++ b/openssl-0.9.8b-aliasing-bug.patch @@ -0,0 +1,24 @@ + +This patch fixes a violation of the C aliasing rules that can cause +miscompilation with some compiler versions. + +--- openssl-0.9.8b/crypto/dso/dso_dlfcn.c.orig 2006-10-30 18:21:35.000000000 +0100 ++++ openssl-0.9.8b/crypto/dso/dso_dlfcn.c 2006-10-30 18:21:37.000000000 +0100 +@@ -237,7 +237,7 @@ static void *dlfcn_bind_var(DSO *dso, co + static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname) + { + void *ptr; +- DSO_FUNC_TYPE sym, *tsym = &sym; ++ DSO_FUNC_TYPE sym; + + if((dso == NULL) || (symname == NULL)) + { +@@ -255,7 +255,7 @@ static DSO_FUNC_TYPE dlfcn_bind_func(DSO + DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE); + return(NULL); + } +- *(void **)(tsym) = dlsym(ptr, symname); ++ sym = dlsym(ptr, symname); + if(sym == NULL) + { + DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE); diff --git a/openssl.spec b/openssl.spec index 0360ff7..a8f9284 100644 --- a/openssl.spec +++ b/openssl.spec @@ -21,7 +21,7 @@ Summary: The OpenSSL toolkit Name: openssl Version: 0.9.8b -Release: 8 +Release: 9%{?dist} Source: openssl-%{version}-usa.tar.bz2 Source1: hobble-openssl Source2: Makefile.certificate @@ -60,6 +60,7 @@ Patch57: openssl-0.9.8b-cve-2006-2937.patch Patch58: openssl-0.9.8b-cve-2006-2940.patch Patch59: openssl-0.9.8b-cve-2006-3738.patch Patch60: openssl-0.9.8b-cve-2006-4343.patch +Patch61: openssl-0.9.8b-aliasing-bug.patch License: BSDish Group: System Environment/Libraries @@ -129,6 +130,7 @@ from other formats to the formats used by the OpenSSL toolkit. %patch58 -p0 -b .parasitic %patch59 -p0 -b .shared-ciphers %patch60 -p0 -b .client-dos +%patch61 -p1 -b .aliasing-bug # Modify the various perl scripts to reference perl in the right location. perl util/perlpath.pl `dirname %{__perl}` @@ -363,6 +365,9 @@ rm -rf $RPM_BUILD_ROOT/%{_bindir}/openssl_fips_fingerprint %postun -p /sbin/ldconfig %changelog +* Thu Nov 2 2006 Tomas Mraz 0.9.8b-9 +- aliasing bug in engine loading, patch by IBM (#213216) + * Mon Oct 2 2006 Tomas Mraz 0.9.8b-8 - CVE-2006-2940 fix was incorrect (#208744)