Re: CVS commit: [netbsd-1-6] src/crypto/dist/openssl/crypto

To: Matthias Scheler <tron%netbsd.org@localhost>
Subject: Re: CVS commit: [netbsd-1-6] src/crypto/dist/openssl/crypto
From: "Johnny C. Lam" <jlam%NetBSD.org@localhost>
Date: Sat, 4 Oct 2003 01:05:04 +0000

On Wed, Oct 01, 2003 at 03:04:30PM +0000, Matthias Scheler wrote:
> 
> Module Name:  src
> Committed By: tron
> Date:         Wed Oct  1 15:04:30 UTC 2003
> 
> Modified Files:
>       src/crypto/dist/openssl/crypto/asn1 [netbsd-1-6]: asn1_lib.c
>       src/crypto/dist/openssl/crypto/x509 [netbsd-1-6]: x509_vfy.c
> 
> Log Message:
> Apply patch (requested by christos in ticket #1492):
> Fix various bugs revealed by running the NISCC test suite:
> Stop out of bounds reads in the ASN1 code when presented with
> invalid tags (CAN-2003-0543 and CAN-2003-0544).
> If verify callback ignores invalid public key errors don't try to check
> certificate signature with the NULL public key.

Is there some way to check whether the system OpenSSL is fixed or not
for pkgsrc purposes?  I think the last time this came up, there was a
header symbol that we could check so that we could avoid installing
and depending on openssl-0.9.6g from pkgsrc.  Is there something
similar that we could do to avoid installing and depending on
openssl-0.9.6k from pkgsrc?  If not a header symbol, then perhaps
a library symbol we could check for using `nm'?

        Cheers,

        -- Johnny Lam <jlam%NetBSD.org@localhost>

References:
- CVS commit: [netbsd-1-6] src/crypto/dist/openssl/crypto
  - From: Matthias Scheler

Prev by Date: CVS commit: src/usr.sbin/pkg_install
Next by Date: CVS commit: src/sys/kern
Previous by Thread: CVS commit: [netbsd-1-6] src/crypto/dist/openssl/crypto
Next by Thread: CVS commit: [netbsd-1-6] src/doc
Indexes:

Home | Main Index | Thread Index | Old Index