projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Reorder cleanup sequence in SSL_CTX_free() to leave ex_data for remove_cb().
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index eb964236f85ffbe9220d2a3c67b3e9803999f5d2..9d1ba42e91b24e2ece56681c0c24a47501dd51de 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1914,6 +1914,12 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
 
  Changes between 0.9.6g and 0.9.6h  [xx XXX xxxx]
 
+  *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after
+     the cached sessions are flushed, as the remove_cb() might use ex_data
+     contents. Bug found by Sam Varshavchik <mrsam@courier-mta.com>
+     (see [openssl.org #212]).
+     [Geoff Thorpe, Lutz Jaenicke]
+
   *) Fix typo in OBJ_txt2obj which incorrectly passed the content
      length, instead of the encoding length to d2i_ASN1_OBJECT.
      [Steve Henson]
Unnamed repository; edit this file 'description' to name the repository.