Now
netbsd-5-2 commitmail json YAML
src/crypto/dist/openssl/crypto/asn1/a_object.c@1.1.1.7.2.1
/
diff
/
nxr@1.1.1.7.2.1
src/crypto/dist/openssl/crypto/asn1/asn1.h@1.9.4.1.10.1 / diff / nxr@1.9.4.1.10.1
src/crypto/dist/openssl/crypto/asn1/asn1_err.c@1.1.1.8.4.1.10.1 / diff / nxr@1.1.1.8.4.1.10.1
src/crypto/dist/openssl/crypto/objects/obj_dat.c@1.10.2.1 / diff / nxr@1.10.2.1
src/crypto/dist/openssl/ssl/d1_both.c@1.3.4.2.6.2 / diff / nxr@1.3.4.2.6.2
src/crypto/dist/openssl/ssl/s23_srvr.c@1.6.2.1 / diff / nxr@1.6.2.1
src/crypto/dist/openssl/ssl/s3_clnt.c@1.12.4.3.4.2 / diff / nxr@1.12.4.3.4.2
src/crypto/dist/openssl/ssl/t1_lib.c@1.2.4.3.2.1 / diff / nxr@1.2.4.3.2.1
src/crypto/dist/openssl/crypto/asn1/asn1.h@1.9.4.1.10.1 / diff / nxr@1.9.4.1.10.1
src/crypto/dist/openssl/crypto/asn1/asn1_err.c@1.1.1.8.4.1.10.1 / diff / nxr@1.1.1.8.4.1.10.1
src/crypto/dist/openssl/crypto/objects/obj_dat.c@1.10.2.1 / diff / nxr@1.10.2.1
src/crypto/dist/openssl/ssl/d1_both.c@1.3.4.2.6.2 / diff / nxr@1.3.4.2.6.2
src/crypto/dist/openssl/ssl/s23_srvr.c@1.6.2.1 / diff / nxr@1.6.2.1
src/crypto/dist/openssl/ssl/s3_clnt.c@1.12.4.3.4.2 / diff / nxr@1.12.4.3.4.2
src/crypto/dist/openssl/ssl/t1_lib.c@1.2.4.3.2.1 / diff / nxr@1.2.4.3.2.1
Pull up following revision(s) (requested by spz in ticket #1918):
crypto/dist/openssl/crypto/asn1/a_object.c patch
crypto/dist/openssl/crypto/asn1/asn1.h patch
crypto/dist/openssl/crypto/asn1/asn1_err.c patch
crypto/dist/openssl/crypto/objects/obj_dat.c patch
crypto/dist/openssl/ssl/d1_both.c patch
crypto/dist/openssl/ssl/s23_srvr.c patch
crypto/dist/openssl/ssl/s3_clnt.c patch
crypto/dist/openssl/ssl/t1_lib.c patch
Patches for the following vulnerabilities:
Information leak in pretty printing functions (CVE-2014-3508)
Double Free when processing DTLS packets (CVE-2014-3505)
DTLS memory exhaustion (CVE-2014-3506)
DTLS memory leak from zero-length fragments (CVE-2014-3507)
OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
OpenSSL TLS protocol downgrade attack (CVE-2014-3511)
backported from the recent 1.0.1i OpenSSL release.
crypto/dist/openssl/crypto/asn1/a_object.c patch
crypto/dist/openssl/crypto/asn1/asn1.h patch
crypto/dist/openssl/crypto/asn1/asn1_err.c patch
crypto/dist/openssl/crypto/objects/obj_dat.c patch
crypto/dist/openssl/ssl/d1_both.c patch
crypto/dist/openssl/ssl/s23_srvr.c patch
crypto/dist/openssl/ssl/s3_clnt.c patch
crypto/dist/openssl/ssl/t1_lib.c patch
Patches for the following vulnerabilities:
Information leak in pretty printing functions (CVE-2014-3508)
Double Free when processing DTLS packets (CVE-2014-3505)
DTLS memory exhaustion (CVE-2014-3506)
DTLS memory leak from zero-length fragments (CVE-2014-3507)
OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
OpenSSL TLS protocol downgrade attack (CVE-2014-3511)
backported from the recent 1.0.1i OpenSSL release.