CVS commit: pkgsrc/security/openssl

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/openssl
From: Takahiro Kambe <taca%netbsd.org@localhost>
Date: Mon, 12 Apr 2010 14:19:17 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Mon Apr 12 14:19:17 UTC 2010

Modified Files:
        pkgsrc/security/openssl: Makefile distinfo
Removed Files:
        pkgsrc/security/openssl/patches: patch-bc

Log Message:
Update openssl package from 0.9.8m to 0.9.8n.

 Changes between 0.9.8m and 0.9.8n [24 Mar 2010]

  *) When rejecting SSL/TLS records due to an incorrect version number, never
     update s->server with a new major version number.  As of
     - OpenSSL 0.9.8m if 'short' is a 16-bit type,
     - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
     the previous behavior could result in a read attempt at NULL when
     receiving specific incorrect SSL/TLS records once record payload
     protection is active.  (CVE-2010-0740)
     [Bodo Moeller, Adam Langley <agl%chromium.org@localhost>]

  *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
     could be crashed if the relevant tables were not present (e.g. chrooted).
     [Tomas Hoger <thoger%redhat.com@localhost>]


To generate a diff of this commit:
cvs rdiff -u -r1.146 -r1.147 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.73 -r1.74 pkgsrc/security/openssl/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/security/openssl/patches/patch-bc

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index