--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openssl/openssl-1.0.1/patches/39_parfait_fixes.patch Fri Jun 20 10:41:46 2014 -0700
@@ -0,0 +1,66 @@
+# This patch was developed in-house
+# Patch submitted to upstream
+--- openssl-1.0.1h/crypto/ocsp/ocsp_ht.c.~1~ Tue Jun 10 12:56:08 2014
++++ openssl-1.0.1h/crypto/ocsp/ocsp_ht.c Tue Jun 10 12:55:30 2014
+@@ -158,8 +158,15 @@
+
+ OCSP_REQ_CTX *rctx;
+ rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX));
++ if (!rctx)
++ return 0;
+ rctx->state = OHS_ERROR;
+ rctx->mem = BIO_new(BIO_s_mem());
++ if (!rctx->mem)
++ {
++ OCSP_REQ_CTX_free(rctx);
++ return 0;
++ }
+ rctx->io = io;
+ rctx->asn1_len = 0;
+ if (maxline > 0)
+@@ -168,15 +175,24 @@
+ rctx->iobuflen = OCSP_MAX_LINE_LEN;
+ rctx->iobuf = OPENSSL_malloc(rctx->iobuflen);
+ if (!rctx->iobuf)
++ {
++ OCSP_REQ_CTX_free(rctx);
+ return 0;
++ }
+ if (!path)
+ path = "/";
+
+ if (BIO_printf(rctx->mem, post_hdr, path) <= 0)
++ {
++ OCSP_REQ_CTX_free(rctx);
+ return 0;
++ }
+
+ if (req && !OCSP_REQ_CTX_set1_req(rctx, req))
++ {
++ OCSP_REQ_CTX_free(rctx);
+ return 0;
++ }
+
+ return rctx;
+ }
+@@ -490,6 +506,9 @@
+
+ ctx = OCSP_sendreq_new(b, path, req, -1);
+
++ if (!ctx)
++ return NULL;
++
+ do
+ {
+ rv = OCSP_sendreq_nbio(&resp, ctx);
+--- openssl-1.0.1h/ssl/d1_both.c.~1~ Thu May 29 13:07:00 2014
++++ openssl-1.0.1h/ssl/d1_both.c Thu May 29 13:07:45 2014
+@@ -1172,6 +1172,8 @@
+
+ frag = dtls1_hm_fragment_new(s->init_num, 0);
+
++ if (!frag)
++ return 0;
+ memcpy(frag->fragment, s->init_buf->data, s->init_num);
+
+ if ( is_ccs)