From 5a41641361dc46b4cb7cf85b97123cf9b25dca3b Mon Sep 17 00:00:00 2001
From: Tomáš Mráz
Date: Mar 25 2010 12:20:03 +0000
Subject: - fix CVE-2010-0740
---
diff --git a/.cvsignore b/.cvsignore
index 7f0c9d7..7cf4e23 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1 @@
-openssl-0.9.8m-usa.tar.bz2
+openssl-0.9.8n-usa.tar.bz2
diff --git a/openssl-0.9.8m-cve-2010-0433.patch b/openssl-0.9.8m-cve-2010-0433.patch
deleted file mode 100644
index 7800e41..0000000
--- a/openssl-0.9.8m-cve-2010-0433.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff -up openssl-0.9.8m/ssl/kssl.c.krbdos openssl-0.9.8m/ssl/kssl.c
---- openssl-0.9.8m/ssl/kssl.c.krbdos 2009-04-16 18:43:18.000000000 +0200
-+++ openssl-0.9.8m/ssl/kssl.c 2010-03-22 20:57:06.000000000 +0100
-@@ -1802,6 +1802,9 @@ kssl_ctx_show(KSSL_CTX *kssl_ctx)
- kssl_ctx->service_name ? kssl_ctx->service_name: KRB5SVC,
- KRB5_NT_SRV_HST, &princ);
-
-+ if (krb5rc)
-+ goto exit;
-+
- krb5rc = krb5_kt_get_entry(krb5context, krb5keytab,
- princ,
- 0 /* IGNORE_VNO */,
diff --git a/openssl.spec b/openssl.spec
index 74f5ef4..0364448 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -22,7 +22,7 @@ Summary: A general purpose cryptography library with TLS implementation Name: openssl -Version: 0.9.8m +Version: 0.9.8n Release: 1%{?dist} # We remove certain patented algorithms from the openssl source tarball # with the hobble-openssl script which is included below.
@@ -64,7 +64,6 @@ Patch49: openssl-0.9.8j-fips-no-pairwise.patch Patch50: openssl-0.9.8j-fips-rng-seed.patch Patch51: openssl-0.9.8m-multi-crl.patch # Backported fixes including security fixes -Patch60: openssl-0.9.8m-cve-2010-0433.patch License: OpenSSL Group: System Environment/Libraries
@@ -148,8 +147,6 @@ from other formats to the formats used by the OpenSSL toolkit. %patch50 -p1 -b .rng-seed %patch51 -p1 -b .multi-crl -%patch60 -p1 -b .krbdos - # Modify the various perl scripts to reference perl in the right location. perl util/perlpath.pl `dirname %{__perl}`
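Review bot: Nothing in the commit message or the new %changelog entry records why the CVE-2010-0433 backport can go; the `-Patch60:` and `-%patch60 -p1 -b .krbdos` hunks and the deleted patch file remove it without comment. Presumably the 0.9.8n tarball already carries the `if (krb5rc) goto exit;` check in ssl/kssl.c, but that is not visible here and should be confirmed against the unpacked source before the rebase is accepted. I would add a changelog line such as `- drop the CVE-2010-0433 patch, included in 0.9.8n` so the fix stays traceable for anyone auditing the package later.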
@@ -407,6 +404,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* %postun -p /sbin/ldconfig %changelog +* Thu Mar 25 2010 Tomas Mraz 0.9.8n-1 +- fix CVE-2010-0740 + * Mon Mar 22 2010 Tomas Mraz 0.9.8m-1 - fix CVE-2009-3245 CVE-2009-3555 CVE-2009-4355 CVE-2010-0433
diff --git a/sources b/sources
index 6077614..22796af 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-a7761134f44b26b7a31c70047ba0f646 openssl-0.9.8m-usa.tar.bz2
+b0d6a7c9e128cc2aa8481d57ed25333f openssl-0.9.8n-usa.tar.bz2