Skip to content

Commit

Permalink
- fix #60895, possible invalid handler usage
Browse files Browse the repository at this point in the history
  • Loading branch information
pierrejoye committed Jan 27, 2012
1 parent 07cf07d commit d54710a
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 4 deletions.
9 changes: 7 additions & 2 deletions NEWS
Original file line number Diff line number Diff line change
@@ -1,8 +1,13 @@
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? Jan 2012, PHP 5.4.0 RC 7
- Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
CVE-2011-3389. (Scott)
- Core:
. Fix bug #60895 (Possible invalid handler usage in windows random
functions). (Pierre)

- OpenSSL:
. Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
CVE-2011-3389. (Scott)

19 Jan 2012, PHP 5.4.0 RC6

Expand Down
6 changes: 4 additions & 2 deletions win32/winutil.c
Original file line number Diff line number Diff line change
Expand Up @@ -62,8 +62,10 @@ void php_win32_init_rng_lock()
void php_win32_free_rng_lock()
{
tsrm_mutex_lock(php_lock_win32_cryptoctx);
CryptReleaseContext(hCryptProv, 0);
has_crypto_ctx = 0;
if (has_crypto_ctx == 1) {
CryptReleaseContext(hCryptProv, 0);
has_crypto_ctx = 0;
}
tsrm_mutex_unlock(php_lock_win32_cryptoctx);
tsrm_mutex_free(php_lock_win32_cryptoctx);

Expand Down

0 comments on commit d54710a

Please sign in to comment.