source-changes: CVS commit: pkgsrc

Subject: CVS commit: pkgsrc
To: None <source-changes@netbsd.org>
From: Bill Sommerfeld <sommerfeld@netbsd.org>
List: source-changes
Date: 12/02/1999 09:20:14

Module Name:	pkgsrc
Committed By:	sommerfeld
Date:		Thu Dec  2 17:20:14 UTC 1999

Modified Files:
	pkgsrc/security/rsaref/files: patch-sum
	pkgsrc/security/rsaref/patches: patch-ah

Log Message:
Range-check input buffer length against maximum modulus size.  For
RSA*Encrypt() routines, require 3 bytes extra space for PKCS tags.

From Bugtraq posting <3845D352.95E47E26@core-sdi.com>, by
Gerardo Richarte <core.lists.bugtraq@CORE-SDI.COM>, dated
Wed, 1 Dec 1999 23:09:12 -0300

If you build packages with USE_RSAREF2 set, it is advisable to update
the rsaref package and any packages which may depend on it (openssl,
pgp2, ssh).


To generate a diff of this commit:
cvs rdiff -r1.1 -r1.2 pkgsrc/security/rsaref/files/patch-sum
cvs rdiff -r1.1 -r1.2 pkgsrc/security/rsaref/patches/patch-ah

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.