File CVE-2011-4576.patch of Package openssl.444

Index: openssl-1.0.0c/ssl/s3_enc.c
===================================================================
--- openssl-1.0.0c.orig/ssl/s3_enc.c
+++ openssl-1.0.0c/ssl/s3_enc.c
@@ -511,6 +511,9 @@ int ssl3_enc(SSL *s, int send)
 
 			/* we need to add 'i-1' padding bytes */
 			l+=i;
+			/* the last of these zero bytes will be overwritten
+			 * with the padding length. */
+			memset(&rec->input[rec->length], 0, i);
 			rec->length+=i;
 			rec->input[l-1]=(i-1);
 			}