From 0d9d75b124880ee5a3aeb5c2af92a04340c02bef Mon Sep 17 00:00:00 2001
From: Xin LI <delphij@FreeBSD.org>
Date: Tue, 2 Apr 2013 17:34:42 +0000
Subject: Fix OpenSSL multiple vulnerabilities. [13:03]

Fix BIND remote denial of service. [13:04]

Security:	CVE-2013-0166, CVE-2013-0169
Security:	FreeBSD-SA-13:03.openssl
Security:	CVE-2013-2266
Security:	FreeBSD-SA-13:04.bind
Approved by:	so
---
 crypto/openssl/crypto/rc4/rc4_skey.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'crypto/openssl/crypto/rc4/rc4_skey.c')

diff --git a/crypto/openssl/crypto/rc4/rc4_skey.c b/crypto/openssl/crypto/rc4/rc4_skey.c
index 4478d1a4b3b3..d1dc912b2414 100644
--- a/crypto/openssl/crypto/rc4/rc4_skey.c
+++ b/crypto/openssl/crypto/rc4/rc4_skey.c
@@ -138,9 +138,9 @@ void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
 		 */
 #ifdef OPENSSL_FIPS
 		unsigned long *ia32cap_ptr = OPENSSL_ia32cap_loc();
-		if (ia32cap_ptr && (*ia32cap_ptr & (1<<28))) {
+		if (ia32cap_ptr && (*ia32cap_ptr & (1<<20))) {
 #else
-		if (OPENSSL_ia32cap_P & (1<<28)) {
+		if (OPENSSL_ia32cap_P & (1<<20)) {
 #endif
 			unsigned char *cp=(unsigned char *)d;
 
-- 
cgit v1.2.3