File curl-CVE-2016-5421.patch of Package curl.openSUSE_Leap_42.3_Update
From 141781ad346468c9d360af787ca00262d32c4f9d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sun, 31 Jul 2016 01:09:04 +0200
Subject: [PATCH] curl_multi_cleanup: clear connection pointer for easy handles
---
lib/multi.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/multi.c b/lib/multi.c
index 9ee3523..8bb9366 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -2155,10 +2155,12 @@ static void close_all_connections(struct Curl_multi *multi)
while(conn) {
SIGPIPE_VARIABLE(pipe_st);
conn->data = multi->closure_handle;
sigpipe_ignore(conn->data, &pipe_st);
+ conn->data->easy_conn = NULL; /* clear the easy handle's connection
+ pointer */
/* This will remove the connection from the cache */
(void)Curl_disconnect(conn, FALSE);
sigpipe_restore(&pipe_st);
conn = Curl_conncache_find_first_connection(multi->conn_cache);
--
2.8.1