Source-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [netbsd-5-2] src



Module Name:    src
Committed By:   martin
Date:           Mon Jan 26 11:02:37 UTC 2015

Modified Files:
        src/crypto/dist/openssl/apps [netbsd-5-2]: s_client.c s_server.c
            speed.c
        src/crypto/dist/openssl/crypto [netbsd-5-2]: Makefile
            constant_time_locl.h cversion.c
        src/crypto/dist/openssl/crypto/asn1 [netbsd-5-2]: a_bitstr.c a_type.c
            a_verify.c asn1.h asn1_err.c tasn_dec.c x_algor.c
        src/crypto/dist/openssl/crypto/bio [netbsd-5-2]: bio.h bss_dgram.c
        src/crypto/dist/openssl/crypto/bn [netbsd-5-2]: bn_asm.c bntest.c
        src/crypto/dist/openssl/crypto/bn/asm [netbsd-5-2]: mips3.s
            x86_64-gcc.c
        src/crypto/dist/openssl/crypto/dsa [netbsd-5-2]: dsa_vrf.c
        src/crypto/dist/openssl/crypto/ec [netbsd-5-2]: ec_mult.c ec_pmeth.c
        src/crypto/dist/openssl/crypto/ecdsa [netbsd-5-2]: ecs_vrf.c
        src/crypto/dist/openssl/crypto/evp [netbsd-5-2]: Makefile evp_enc.c
        src/crypto/dist/openssl/crypto/objects [netbsd-5-2]: obj_xref.h
            objxref.pl
        src/crypto/dist/openssl/crypto/ts [netbsd-5-2]: ts_rsp_sign.c
        src/crypto/dist/openssl/crypto/x509 [netbsd-5-2]: x509.h x509_vpm.c
            x_all.c
        src/crypto/dist/openssl/ssl [netbsd-5-2]: d1_both.c d1_clnt.c d1_enc.c
            d1_lib.c d1_pkt.c d1_srvr.c dtls1.h s23_srvr.c s2_enc.c s2_pkt.c
            s2_srvr.c s3_both.c s3_clnt.c s3_enc.c s3_lib.c s3_pkt.c s3_srvr.c
            ssl.h ssl_cert.c ssl_lib.c ssl_locl.h
        src/crypto/dist/openssl/util [netbsd-5-2]: libeay.num mk1mf.pl
        src/distrib/sets/lists/base [netbsd-5-2]: md.amd64 md.sparc64 shl.mi
        src/lib/libcrypto [netbsd-5-2]: shlib_version
        src/lib/libssl [netbsd-5-2]: shlib_version

Log Message:
Change the following, requested by spz in ticket #1945:
        crypto/dist/openssl/apps/s_client.c                          patch
        crypto/dist/openssl/apps/s_server.c                          patch
        crypto/dist/openssl/apps/speed.c                             patch
        crypto/dist/openssl/crypto/Makefile                          patch
        crypto/dist/openssl/crypto/constant_time_locl.h              patch
        crypto/dist/openssl/crypto/cversion.c                        patch
        crypto/dist/openssl/crypto/asn1/a_bitstr.c                   patch
        crypto/dist/openssl/crypto/asn1/a_type.c                     patch
        crypto/dist/openssl/crypto/asn1/a_verify.c                   patch
        crypto/dist/openssl/crypto/asn1/asn1.h                       patch
        crypto/dist/openssl/crypto/asn1/asn1_err.c                   patch
        crypto/dist/openssl/crypto/asn1/tasn_dec.c                   patch
        crypto/dist/openssl/crypto/asn1/x_algor.c                    patch
        crypto/dist/openssl/crypto/bio/bio.h                         patch
        crypto/dist/openssl/crypto/bio/bss_dgram.c                   patch
        crypto/dist/openssl/crypto/bn/bn_asm.c                       patch
        crypto/dist/openssl/crypto/bn/bntest.c                       patch
        crypto/dist/openssl/crypto/bn/asm/mips3.s                    patch
        crypto/dist/openssl/crypto/bn/asm/x86_64-gcc.c               patch
        crypto/dist/openssl/crypto/dsa/dsa_vrf.c                     patch
        crypto/dist/openssl/crypto/ec/ec_mult.c                      patch
        crypto/dist/openssl/crypto/ec/ec_pmeth.c                     patch
        crypto/dist/openssl/crypto/ecdsa/ecs_vrf.c                   patch
        crypto/dist/openssl/crypto/evp/Makefile                      patch
        crypto/dist/openssl/crypto/evp/evp_enc.c                     patch
        crypto/dist/openssl/crypto/objects/obj_xref.h                patch
        crypto/dist/openssl/crypto/objects/objxref.pl                patch
        crypto/dist/openssl/crypto/ts/ts_rsp_sign.c                  patch
        crypto/dist/openssl/crypto/x509/x509.h                       patch
        crypto/dist/openssl/crypto/x509/x509_vpm.c                   patch
        crypto/dist/openssl/crypto/x509/x_all.c                      patch
        crypto/dist/openssl/ssl/d1_both.c                            patch
        crypto/dist/openssl/ssl/d1_clnt.c                            patch
        crypto/dist/openssl/ssl/d1_enc.c                             patch
        crypto/dist/openssl/ssl/d1_lib.c                             patch
        crypto/dist/openssl/ssl/d1_pkt.c                             patch
        crypto/dist/openssl/ssl/d1_srvr.c                            patch
        crypto/dist/openssl/ssl/dtls1.h                              patch
        crypto/dist/openssl/ssl/s23_srvr.c                           patch
        crypto/dist/openssl/ssl/s2_enc.c                             patch
        crypto/dist/openssl/ssl/s2_pkt.c                             patch
        crypto/dist/openssl/ssl/s2_srvr.c                            patch
        crypto/dist/openssl/ssl/s3_both.c                            patch
        crypto/dist/openssl/ssl/s3_clnt.c                            patch
        crypto/dist/openssl/ssl/s3_enc.c                             patch
        crypto/dist/openssl/ssl/s3_lib.c                             patch
        crypto/dist/openssl/ssl/s3_pkt.c                             patch
        crypto/dist/openssl/ssl/s3_srvr.c                            patch
        crypto/dist/openssl/ssl/ssl.h                                patch
        crypto/dist/openssl/ssl/ssl_cert.c                           patch
        crypto/dist/openssl/ssl/ssl_lib.c                            patch
        crypto/dist/openssl/ssl/ssl_locl.h                           patch
        crypto/dist/openssl/util/libeay.num                          patch
        crypto/dist/openssl/util/mk1mf.pl                            patch
        distrib/sets/lists/base/md.amd64                             patch
        distrib/sets/lists/base/md.sparc64                           patch
        distrib/sets/lists/base/shl.mi                               patch
        lib/libcrypto/shlib_version                                  patch
        lib/libssl/shlib_version                                     patch

Apply fixes for the following OpenSSL vulnerabilities:

DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)
DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)
no-ssl3 configuration sets method to NULL (CVE-2014-3569)
ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)
RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
DH client certificates accepted without verification [Server] (CVE-2015-0205)
Certificate fingerprints can be modified (CVE-2014-8275)
Bignum squaring may produce incorrect results (CVE-2014-3570)


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.11.2.1 -r1.1.1.11.2.2 \
    src/crypto/dist/openssl/apps/s_client.c
cvs rdiff -u -r1.1.1.8 -r1.1.1.8.2.1 src/crypto/dist/openssl/apps/s_server.c
cvs rdiff -u -r1.8.4.1 -r1.8.4.1.10.1 src/crypto/dist/openssl/apps/speed.c
cvs rdiff -u -r1.1.1.4.2.1 -r1.1.1.4.2.2 \
    src/crypto/dist/openssl/crypto/Makefile
cvs rdiff -u -r1.1.6.2 -r1.1.6.3 \
    src/crypto/dist/openssl/crypto/constant_time_locl.h
cvs rdiff -u -r1.5 -r1.5.38.1 src/crypto/dist/openssl/crypto/cversion.c
cvs rdiff -u -r1.1.1.9 -r1.1.1.9.2.1 \
    src/crypto/dist/openssl/crypto/asn1/a_bitstr.c
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 \
    src/crypto/dist/openssl/crypto/asn1/a_type.c \
    src/crypto/dist/openssl/crypto/asn1/a_verify.c
cvs rdiff -u -r1.9.4.1.10.1 -r1.9.4.1.10.2 \
    src/crypto/dist/openssl/crypto/asn1/asn1.h
cvs rdiff -u -r1.1.1.8.4.1.10.1 -r1.1.1.8.4.1.10.2 \
    src/crypto/dist/openssl/crypto/asn1/asn1_err.c
cvs rdiff -u -r1.8.4.1 -r1.8.4.1.10.1 \
    src/crypto/dist/openssl/crypto/asn1/tasn_dec.c
cvs rdiff -u -r1.1.1.5 -r1.1.1.5.2.1 \
    src/crypto/dist/openssl/crypto/asn1/x_algor.c
cvs rdiff -u -r1.11 -r1.11.2.1 src/crypto/dist/openssl/crypto/bio/bio.h
cvs rdiff -u -r1.1.1.2 -r1.1.1.2.2.1 \
    src/crypto/dist/openssl/crypto/bio/bss_dgram.c
cvs rdiff -u -r1.1.1.6 -r1.1.1.6.2.1 \
    src/crypto/dist/openssl/crypto/bn/bn_asm.c
cvs rdiff -u -r1.6 -r1.6.2.1 src/crypto/dist/openssl/crypto/bn/bntest.c
cvs rdiff -u -r1.1.1.4 -r1.1.1.4.52.1 \
    src/crypto/dist/openssl/crypto/bn/asm/mips3.s
cvs rdiff -u -r1.1.1.4.36.1 -r1.1.1.4.36.2 \
    src/crypto/dist/openssl/crypto/bn/asm/x86_64-gcc.c
cvs rdiff -u -r1.1.1.6 -r1.1.1.6.2.1 \
    src/crypto/dist/openssl/crypto/dsa/dsa_vrf.c
cvs rdiff -u -r1.1.1.5 -r1.1.1.5.2.1 \
    src/crypto/dist/openssl/crypto/ec/ec_mult.c
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.6.1 \
    src/crypto/dist/openssl/crypto/ec/ec_pmeth.c
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.38.1 \
    src/crypto/dist/openssl/crypto/ecdsa/ecs_vrf.c
cvs rdiff -u -r1.1.1.5.2.1 -r1.1.1.5.2.2 \
    src/crypto/dist/openssl/crypto/evp/Makefile
cvs rdiff -u -r1.1.1.8.30.1 -r1.1.1.8.30.2 \
    src/crypto/dist/openssl/crypto/evp/evp_enc.c
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.6.1 \
    src/crypto/dist/openssl/crypto/objects/obj_xref.h \
    src/crypto/dist/openssl/crypto/objects/objxref.pl
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.6.1 \
    src/crypto/dist/openssl/crypto/ts/ts_rsp_sign.c
cvs rdiff -u -r1.12 -r1.12.2.1 src/crypto/dist/openssl/crypto/x509/x509.h
cvs rdiff -u -r1.1.1.3 -r1.1.1.3.2.1 \
    src/crypto/dist/openssl/crypto/x509/x509_vpm.c
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 \
    src/crypto/dist/openssl/crypto/x509/x_all.c
cvs rdiff -u -r1.3.4.2.6.2 -r1.3.4.2.6.3 \
    src/crypto/dist/openssl/ssl/d1_both.c
cvs rdiff -u -r1.1.1.3 -r1.1.1.3.2.1 src/crypto/dist/openssl/ssl/d1_clnt.c \
    src/crypto/dist/openssl/ssl/d1_lib.c \
    src/crypto/dist/openssl/ssl/d1_srvr.c
cvs rdiff -u -r1.1.1.3.4.1 -r1.1.1.3.4.1.2.1 \
    src/crypto/dist/openssl/ssl/d1_enc.c
cvs rdiff -u -r1.1.1.5.4.2 -r1.1.1.5.4.2.2.1 \
    src/crypto/dist/openssl/ssl/d1_pkt.c
cvs rdiff -u -r1.3 -r1.3.2.1 src/crypto/dist/openssl/ssl/dtls1.h
cvs rdiff -u -r1.6.2.2 -r1.6.2.3 src/crypto/dist/openssl/ssl/s23_srvr.c
cvs rdiff -u -r1.1.1.10 -r1.1.1.10.2.1 src/crypto/dist/openssl/ssl/s2_enc.c
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.2.1 src/crypto/dist/openssl/ssl/s2_pkt.c \
    src/crypto/dist/openssl/ssl/s3_both.c
cvs rdiff -u -r1.9.4.1 -r1.9.4.1.10.1 src/crypto/dist/openssl/ssl/s2_srvr.c
cvs rdiff -u -r1.12.4.3.4.3 -r1.12.4.3.4.4 \
    src/crypto/dist/openssl/ssl/s3_clnt.c
cvs rdiff -u -r1.1.1.12.4.2.2.1 -r1.1.1.12.4.2.2.2 \
    src/crypto/dist/openssl/ssl/s3_enc.c
cvs rdiff -u -r1.14.4.1.6.1 -r1.14.4.1.6.2 \
    src/crypto/dist/openssl/ssl/s3_lib.c
cvs rdiff -u -r1.9.4.3.6.2 -r1.9.4.3.6.3 src/crypto/dist/openssl/ssl/s3_pkt.c
cvs rdiff -u -r1.15.4.4.4.2 -r1.15.4.4.4.3 \
    src/crypto/dist/openssl/ssl/s3_srvr.c
cvs rdiff -u -r1.18.4.1.6.1 -r1.18.4.1.6.2 src/crypto/dist/openssl/ssl/ssl.h
cvs rdiff -u -r1.13 -r1.13.2.1 src/crypto/dist/openssl/ssl/ssl_cert.c
cvs rdiff -u -r1.5.2.1 -r1.5.2.2 src/crypto/dist/openssl/ssl/ssl_lib.c
cvs rdiff -u -r1.13.4.1 -r1.13.4.1.6.1 src/crypto/dist/openssl/ssl/ssl_locl.h
cvs rdiff -u -r1.1.1.13 -r1.1.1.13.2.1 \
    src/crypto/dist/openssl/util/libeay.num
cvs rdiff -u -r1.1.1.12 -r1.1.1.12.2.1 src/crypto/dist/openssl/util/mk1mf.pl
cvs rdiff -u -r1.25.2.12 -r1.25.2.12.2.1 src/distrib/sets/lists/base/md.amd64
cvs rdiff -u -r1.23.2.11 -r1.23.2.11.2.1 \
    src/distrib/sets/lists/base/md.sparc64
cvs rdiff -u -r1.450.2.9 -r1.450.2.9.2.1 src/distrib/sets/lists/base/shl.mi
cvs rdiff -u -r1.14.4.1 -r1.14.4.1.6.1 src/lib/libcrypto/shlib_version
cvs rdiff -u -r1.8 -r1.8.2.1 src/lib/libssl/shlib_version

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index