[Pkg-openssl-devel] Bug#775502: Re[2]: Bug#775502: openssl: 1.0.1e-2+deb7u14 broke DTLS handshake with Chrome/Firefox
Андрей Семашев
andysem at mail.ru
Mon Jan 19 12:15:38 UTC 2015
Fri, 16 Jan 2015 18:43:36 +0100 от Kurt Roeckx <kurt at roeckx.be>:
>
> There is an upstream bug report about the patch for CVE-2015-0206
> breaking it. Are you sure it's the right patch?
That's the patch removing which fixed the problem for me. I tried removing the patch for CVE-2015-0206 (0112-A-memory-leak-can-occur-in-dtls1_buffer_record-if-ei.patch) and keeping others but it didn't help - the problem is still present. I didn't try every patch added in u14 indivilually though.
> The fix for that issue was to use SSL_CTX_set_read_ahead() setting
> it to 1. Can you check that fixes it for you?
That worked, thanks. Adding that function call fixes DTLS handshake with the stock 1.0.1e-2+deb7u14 package.
So, should this be considered a bug in libwebrtc or is this an unintended breaking change in openssl?
More information about the Pkg-openssl-devel
mailing list