CVS commit: [netbsd-5-1] src/crypto/dist/openssl

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: [netbsd-5-1] src/crypto/dist/openssl
From: "SAITOH Masanobu" <msaitoh%netbsd.org@localhost>
Date: Wed, 27 Aug 2014 13:32:35 +0000

Module Name:    src
Committed By:   msaitoh
Date:           Wed Aug 27 13:32:35 UTC 2014

Modified Files:
        src/crypto/dist/openssl/crypto/asn1 [netbsd-5-1]: a_object.c asn1.h
            asn1_err.c
        src/crypto/dist/openssl/crypto/objects [netbsd-5-1]: obj_dat.c
        src/crypto/dist/openssl/ssl [netbsd-5-1]: d1_both.c s23_srvr.c
            s3_clnt.c t1_lib.c

Log Message:
Pull up following revision(s) (requested by spz in ticket #1918):
        crypto/dist/openssl/crypto/asn1/a_object.c      patch
        crypto/dist/openssl/crypto/asn1/asn1.h          patch
        crypto/dist/openssl/crypto/asn1/asn1_err.c      patch
        crypto/dist/openssl/crypto/objects/obj_dat.c    patch
        crypto/dist/openssl/ssl/d1_both.c               patch
        crypto/dist/openssl/ssl/s23_srvr.c              patch
        crypto/dist/openssl/ssl/s3_clnt.c               patch
        crypto/dist/openssl/ssl/t1_lib.c                patch

Patches for the following vulnerabilities:
Information leak in pretty printing functions (CVE-2014-3508)
Double Free when processing DTLS packets (CVE-2014-3505)
DTLS memory exhaustion (CVE-2014-3506)
DTLS memory leak from zero-length fragments (CVE-2014-3507)
OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
OpenSSL TLS protocol downgrade attack (CVE-2014-3511)

backported from the recent 1.0.1i OpenSSL release.


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.12.1 \
    src/crypto/dist/openssl/crypto/asn1/a_object.c
cvs rdiff -u -r1.9.4.1 -r1.9.4.1.6.1 \
    src/crypto/dist/openssl/crypto/asn1/asn1.h
cvs rdiff -u -r1.1.1.8.4.1 -r1.1.1.8.4.1.6.1 \
    src/crypto/dist/openssl/crypto/asn1/asn1_err.c
cvs rdiff -u -r1.10 -r1.10.12.1 \
    src/crypto/dist/openssl/crypto/objects/obj_dat.c
cvs rdiff -u -r1.3.4.2.2.1 -r1.3.4.2.2.2 \
    src/crypto/dist/openssl/ssl/d1_both.c
cvs rdiff -u -r1.6 -r1.6.12.1 src/crypto/dist/openssl/ssl/s23_srvr.c
cvs rdiff -u -r1.12.4.2.2.2 -r1.12.4.2.2.3 \
    src/crypto/dist/openssl/ssl/s3_clnt.c
cvs rdiff -u -r1.2.12.3 -r1.2.12.4 src/crypto/dist/openssl/ssl/t1_lib.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/tests/lib/librumphijack
Next by Date: CVS commit: [netbsd-5] src/doc
Previous by Thread: CVS commit: src/tests/lib/librumphijack
Next by Thread: CVS commit: [netbsd-5] src/doc
Indexes:

Home | Main Index | Thread Index | Old Index