Roll OpenSSL 271781->275137
commit79b03a8444ab0a756ca7ba7264d6f9d0b311a0c2
authoragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Tue, 10 Jun 2014 01:07:30 +0000 (10 01:07 +0000)
committeragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Tue, 10 Jun 2014 01:07:30 +0000 (10 01:07 +0000)
tree5c7be9da4cf6cf6761487ffedc2dc5b40fa71c40
parentc6a6572b7281e1ec953b7aea16791854bcba35d1
Roll OpenSSL 271781->275137

This pulls in the following changes:

------------------------------------------------------------------------
r275836 | agl@chromium.org | 2014-06-09 10:49:19 -0700 (Mon, 09 Jun 2014) | 31 lines

Pull in more changes from OpenSSL 1.0.1h.

This change includes the following changes from OpenSSL:

a07856a08d7e8d76273e5d05099914aa335da143
"Delays the queue insertion until after the ssl3_setup_buffers() call due to use-after-free bug. PR#3362"

725c5f1ad393a7bc344348d0ec7c268aaf2700a7
"Fix use after free."
(Not a problem unless read-ahead is used, which it is not in Chrome)

bcc311668ede6ffdcd6dc5a65454a548b5404fcc
"Free up s->d1->buffered_app_data.q properly. PR#3286"

b107586c0c3447ea22dba8698ebbcd81bb29d48c
"Fixed NULL pointer dereference. See PR#3321"

d0666f289ac013094bbbf547bfbcd616199b7d2d
"evp: prevent underflow in base64 decoding. This patch resolves RT ticket #2608."

a41d5174e27c99d1caefd76a8e927c814ede509e
"Initialize num properly."

8eb094b9460575a328ba04708147c91fc267b394
"Double free in i2o_ECPublicKey. PR: 3338."

9c8dc84ac16a2f21063ae36809d202d0284ecf82
"Fix double frees."

BUG=381169

------------------------------------------------------------------------
r275106 | agl@chromium.org | 2014-06-05 07:43:56 -0700 (Thu, 05 Jun 2014) | 19 lines

OpenSSL: add CVE fixes from 1.0.1h

This change includes the following commits from upstream:
  8011cd56e39a433b1837465259a9bd24a38727fb
  d3152655d5319ce883c8e3ac4b99f8de4c59d846
  006cd7083f76ed5cb0d9a914857e9231ef1bc317
  bc8923b1ec9c467755cd86f7848c50ee8812e441
  1632ef744872edc2aa2a53d487d3e79c965a4ad3

These address the following CVEs:
  CVE-2014-3470
  CVE-2014-0221
  CVE-2014-0224
  CVE-2014-0195

BUG=381169

https://codereview.chromium.org/317183003/

Review URL: https://codereview.chromium.org/311263010

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@275899 0039d316-1c4b-4281-b951-d872f2087c98
DEPS