Subject: CVS commit: [netbsd-3-0] src/crypto/dist/openssl
To: None <source-changes@NetBSD.org>
From: Matthias Scheler <tron@netbsd.org>
List: source-changes
Date: 10/06/2006 11:11:58
Module Name:	src
Committed By:	tron
Date:		Fri Oct  6 11:11:58 UTC 2006

Modified Files:
	src/crypto/dist/openssl/crypto/asn1 [netbsd-3-0]: tasn_dec.c
	src/crypto/dist/openssl/crypto/dh [netbsd-3-0]: dh.h dh_err.c dh_key.c
	src/crypto/dist/openssl/crypto/dsa [netbsd-3-0]: dsa.h dsa_err.c
	    dsa_ossl.c
	src/crypto/dist/openssl/crypto/rsa [netbsd-3-0]: rsa.h rsa_eay.c
	    rsa_err.c
	src/crypto/dist/openssl/ssl [netbsd-3-0]: s2_clnt.c s3_srvr.c ssl_lib.c

Log Message:
Apply patch (requested by ghen in ticket #1537):
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937
    OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows
    remote attackers to cause a denial of service (infinite loop
    and memory consumption) via malformed ASN.1 structures that
    trigger an improperly handled error condition.

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940
    OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier
    versions allows attackers to cause a denial of service (CPU
    consumption) via certain public keys that require extra time
    to process.

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738
    Buffer overflow in the SSL_get_shared_ciphers function in
    OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier
    versions has unspecified impact and remote attack vectors
    involving a long list of ciphers.

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
    Unspecified vulnerability in the SSLv2 client code in OpenSSL
    0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions
    allows remote servers to cause a denial of service (client
    crash) via unknown vectors.


To generate a diff of this commit:
cvs rdiff -r1.2 -r1.2.10.1 src/crypto/dist/openssl/crypto/asn1/tasn_dec.c
cvs rdiff -r1.5 -r1.5.10.1 src/crypto/dist/openssl/crypto/dh/dh.h
cvs rdiff -r1.1.1.4 -r1.1.1.4.10.1 src/crypto/dist/openssl/crypto/dh/dh_err.c
cvs rdiff -r1.1.1.5 -r1.1.1.5.10.1 src/crypto/dist/openssl/crypto/dh/dh_key.c
cvs rdiff -r1.6 -r1.6.10.1 src/crypto/dist/openssl/crypto/dsa/dsa.h
cvs rdiff -r1.1.1.4 -r1.1.1.4.10.1 \
    src/crypto/dist/openssl/crypto/dsa/dsa_err.c
cvs rdiff -r1.4 -r1.4.10.1 src/crypto/dist/openssl/crypto/dsa/dsa_ossl.c
cvs rdiff -r1.6 -r1.6.10.1 src/crypto/dist/openssl/crypto/rsa/rsa.h
cvs rdiff -r1.4 -r1.4.10.1 src/crypto/dist/openssl/crypto/rsa/rsa_eay.c
cvs rdiff -r1.1.1.4 -r1.1.1.4.10.1 \
    src/crypto/dist/openssl/crypto/rsa/rsa_err.c
cvs rdiff -r1.5 -r1.5.10.1 src/crypto/dist/openssl/ssl/s2_clnt.c
cvs rdiff -r1.8 -r1.8.10.1 src/crypto/dist/openssl/ssl/s3_srvr.c
cvs rdiff -r1.1.1.7 -r1.1.1.7.10.1 src/crypto/dist/openssl/ssl/ssl_lib.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.