CVS commit: pkgsrc/security/openssl

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/openssl
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Tue, 13 Mar 2012 03:11:32 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Tue Mar 13 03:11:32 UTC 2012

Modified Files:
        pkgsrc/security/openssl: Makefile distinfo
Removed Files:
        pkgsrc/security/openssl/patches: patch-asn_mime.c

Log Message:
Update openssl pacakge to 0.9.8u.

 Changes between 0.9.8t and 0.9.8u [12 Mar 2012]

  *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
     in CMS and PKCS7 code. When RSA decryption fails use a random key for
     content decryption and always return the same error. Note: this attack
     needs on average 2^20 messages so it only affects automated senders. The
     old behaviour can be reenabled in the CMS code by setting the
     CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
     an MMA defence is not necessary.
     Thanks to Ivan Nestlerode <inestlerode%us.ibm.com@localhost> for 
discovering
     this issue. (CVE-2012-0884)
     [Steve Henson]

  *) Fix CVE-2011-4619: make sure we really are receiving a
     client hello before rejecting multiple SGC restarts. Thanks to
     Ivan Nestlerode <inestlerode%us.ibm.com@localhost> for discovering this 
bug.
     [Steve Henson]


To generate a diff of this commit:
cvs rdiff -u -r1.162 -r1.163 pkgsrc/security/openssl/Makefile
cvs rdiff -u -r1.85 -r1.86 pkgsrc/security/openssl/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/security/openssl/patches/patch-asn_mime.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: [pkgsrc-2011Q4] pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: [pkgsrc-2011Q4] pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index