aboutsummaryrefslogtreecommitdiff
path: root/RELEASE-NOTES
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2010-01-08 23:45:23 +0000
committerDaniel Stenberg <daniel@haxx.se>2010-01-08 23:45:23 +0000
commit552c3de3575c719161998d541b3750b2ce12674c (patch)
tree0e856f508e93bd512998a06182108753bf4283aa /RELEASE-NOTES
parentaa2f447400b5b49c9a00189fea33c2483c0a8a06 (diff)
- Johan van Selst found and fixed a OpenSSL session ref count leak:
ossl_connect_step3() increments an SSL session handle reference counter on each call. When sessions are re-used this reference counter may be incremented many times, but it will be decremented only once when done (by Curl_ossl_session_free()); and the internal OpenSSL data will not be freed if this reference count remains positive. When a session is re-used the reference counter should be corrected by explicitly calling SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid introducing a memory leak. (http://curl.haxx.se/bug/view.cgi?id=2926284)
Diffstat (limited to 'RELEASE-NOTES')
-rw-r--r--RELEASE-NOTES4
1 files changed, 3 insertions, 1 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index f2ed8c060..eab8e4216 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -42,6 +42,7 @@ This release includes the following bugfixes:
o header include fix for FreeBSD versions before v8
o fragment part of URLs are no longer sent to the server
o progress callback called repeatedly with c-ares for resolving
+ o OpenSSL session id ref count leak
This release includes the following known bugs:
@@ -54,6 +55,7 @@ advice from friends like these:
Marco Maggi, Camille Moncelier, Claes Jakobsson, Kevin Baughman,
Marc Kleine-Budde, Jad Chamcham, Bjorn Augustsson, David Byron,
Markus Koetter, Chad Monroe, Martin Storsjo, Siegfried Gyuricsko,
- Jon Nelson, Julien Chaffraix, Renato Botelho, Peter Pentchev, Ingmar Runge
+ Jon Nelson, Julien Chaffraix, Renato Botelho, Peter Pentchev, Ingmar Runge,
+ Johan van Selst
Thanks! (and sorry if I forgot to mention someone)