Subject: CVS commit: pkgsrc/security/openssl
To: None <pkgsrc-changes@netbsd.org>
From: Thomas Klausner <wiz@netbsd.org>
List: pkgsrc-changes
Date: 02/20/2003 09:59:27
Module Name: pkgsrc
Committed By: wiz
Date: Thu Feb 20 07:59:26 UTC 2003
Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Added Files:
pkgsrc/security/openssl/patches: patch-ag
Log Message:
Add patch from http://www.openssl.org/news/secadv_20030219.txt:
In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
via timing by performing a MAC computation even if incorrrect
block cipher padding has been found. This is a countermeasure
against active attacks where the attacker has to distinguish
between bad padding and a MAC verification error. (CAN-2003-0078)
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -r1.65 -r1.66 pkgsrc/security/openssl/Makefile
cvs rdiff -r1.15 -r1.16 pkgsrc/security/openssl/distinfo
cvs rdiff -r0 -r1.8 pkgsrc/security/openssl/patches/patch-ag
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.