Roll OpenSSL 271781->275137
This pulls in the following changes:
------------------------------------------------------------------------
r275836 | agl@chromium.org | 2014-06-09 10:49:19 -0700 (Mon, 09 Jun 2014) | 31 lines
Pull in more changes from OpenSSL 1.0.1h.
This change includes the following changes from OpenSSL:
a07856a08d7e8d76273e5d05099914aa335da143
"Delays the queue insertion until after the ssl3_setup_buffers() call due to use-after-free bug. PR#3362"
725c5f1ad393a7bc344348d0ec7c268aaf2700a7
"Fix use after free."
(Not a problem unless read-ahead is used, which it is not in Chrome)
bcc311668ede6ffdcd6dc5a65454a548b5404fcc
"Free up s->d1->buffered_app_data.q properly. PR#3286"
b107586c0c3447ea22dba8698ebbcd81bb29d48c
"Fixed NULL pointer dereference. See PR#3321"
d0666f289ac013094bbbf547bfbcd616199b7d2d
"evp: prevent underflow in base64 decoding. This patch resolves RT ticket #2608."
a41d5174e27c99d1caefd76a8e927c814ede509e
"Initialize num properly."
8eb094b9460575a328ba04708147c91fc267b394
"Double free in i2o_ECPublicKey. PR: 3338."
9c8dc84ac16a2f21063ae36809d202d0284ecf82
"Fix double frees."
BUG=381169
------------------------------------------------------------------------
r275106 | agl@chromium.org | 2014-06-05 07:43:56 -0700 (Thu, 05 Jun 2014) | 19 lines
OpenSSL: add CVE fixes from 1.0.1h
This change includes the following commits from upstream:
8011cd56e39a433b1837465259a9bd24a38727fb
d3152655d5319ce883c8e3ac4b99f8de4c59d846
006cd7083f76ed5cb0d9a914857e9231ef1bc317
bc8923b1ec9c467755cd86f7848c50ee8812e441
1632ef744872edc2aa2a53d487d3e79c965a4ad3
These address the following CVEs:
CVE-2014-3470
CVE-2014-0221
CVE-2014-0224
CVE-2014-0195
BUG=381169
https://codereview.chromium.org/
317183003/
Review URL: https://codereview.chromium.org/
311263010
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@275899 0039d316-1c4b-4281-b951-d872f2087c98