[src/netbsd-1-6]: src/doc Pull-up of ticket 1492.

[tron <tron%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/251af9717f9c
branches:  netbsd-1-6
changeset: 530761:251af9717f9c
user:      tron <tron%NetBSD.org@localhost>
date:      Wed Oct 01 15:05:55 2003 +0000

description:
Pull-up of ticket 1492.

diffstat:

 doc/CHANGES-1.6.2 |  13 ++++++++++++-
 1 files changed, 12 insertions(+), 1 deletions(-)

diffs (24 lines):

diff -r 636b8174b53f -r 251af9717f9c doc/CHANGES-1.6.2
--- a/doc/CHANGES-1.6.2 Wed Oct 01 15:04:30 2003 +0000
+++ b/doc/CHANGES-1.6.2 Wed Oct 01 15:05:55 2003 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: CHANGES-1.6.2,v 1.1.2.164 2003/10/01 06:10:08 tron Exp $
+#      $NetBSD: CHANGES-1.6.2,v 1.1.2.165 2003/10/01 15:05:55 tron Exp $
 
 A complete list of changes from NetBSD 1.6.1 to NetBSD 1.6.2:
 
@@ -2104,3 +2104,14 @@
        use massive number of bogus ARPs for DoS attack.  FreeBSD-SA-03:14.arp
        [itojun, ticket #1482]
 
+crypto/dist/openssl/crypto/asn1/asn1_lib.c     patch
+crypto/dist/openssl/crypto/x509/x509_vfy.c     patch
+
+       Apply patch (requested by christos in ticket #1492):
+       Fix various bugs revealed by running the NISCC test suite:
+       Stop out of bounds reads in the ASN1 code when presented with
+       invalid tags (CAN-2003-0543 and CAN-2003-0544).
+       If verify callback ignores invalid public key errors don't try to check
+       certificate signature with the NULL public key.
+       [christos, ticket #1492]
+