pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/security/openssl

Module Name:    pkgsrc
Committed By:   taca
Date:           Mon Apr 12 14:19:17 UTC 2010

Modified Files:
        pkgsrc/security/openssl: Makefile distinfo
Removed Files:
        pkgsrc/security/openssl/patches: patch-bc

Log Message:
Update openssl package from 0.9.8m to 0.9.8n.

 Changes between 0.9.8m and 0.9.8n [24 Mar 2010]

  *) When rejecting SSL/TLS records due to an incorrect version number, never
     update s->server with a new major version number.  As of
     - OpenSSL 0.9.8m if 'short' is a 16-bit type,
     - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
     the previous behavior could result in a read attempt at NULL when
     receiving specific incorrect SSL/TLS records once record payload
     protection is active.  (CVE-2010-0740)
     [Bodo Moeller, Adam Langley <>]

  *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
     could be crashed if the relevant tables were not present (e.g. chrooted).
     [Tomas Hoger <>]

To generate a diff of this commit:
cvs rdiff -u -r1.146 -r1.147 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.73 -r1.74 pkgsrc/security/openssl/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/security/openssl/patches/patch-bc

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index