From 68d2830ee9df50961e481e81c1baaa290c33f03e Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Mon, 3 Dec 2012 13:17:50 +0100
Subject: nss: prevent NSS from crashing on client auth hook failure

Although it is not explicitly stated in the documentation, NSS uses
*pRetCert and *pRetKey even if the client authentication hook returns
a failure.  Namely, if we destroy *pRetCert without clearing *pRetCert
afterwards, NSS destroys the certificate once again, which causes a
double free.

Reported by: Bob Relyea
---
 RELEASE-NOTES | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'RELEASE-NOTES')

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index a482dd7fa..b40c13aa1 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -13,7 +13,7 @@ This release includes the following changes:
 
 This release includes the following bugfixes:
 
- o 
+ o nss: prevent NSS from crashing on client auth hook failure
 
 This release includes the following known bugs:
 
@@ -28,4 +28,4 @@ advice from friends like these:
 
 References to bug reports and discussions on issues:
 
- 
\ No newline at end of file
+ 
-- 
cgit v1.2.3