Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66]) by www.NetBSD.org (Postfix) with ESMTP id 3F4DC63B915 for ; Fri, 11 May 2012 14:53:34 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id BCA4414A3BA; Fri, 11 May 2012 14:53:53 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 0CB8D14A3B9 for ; Fri, 11 May 2012 14:53:51 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id E91TUody47pf for ; Fri, 11 May 2012 14:53:50 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 7354314A3B6 for ; Fri, 11 May 2012 14:53:50 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 05A26175DD; Fri, 11 May 2012 14:56:50 +0000 (UTC) MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Date: Fri, 11 May 2012 14:56:49 +0000 From: "Matthias Scheler" Subject: CVS commit: [pkgsrc-2012Q1] pkgsrc/security/openssl To: pkgsrc-changes@NetBSD.org Reply-To: tron@netbsd.org X-Mailer: log_accum Message-Id: <20120511145650.05A26175DD@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: tron Date: Fri May 11 14:56:49 UTC 2012 Modified Files: pkgsrc/security/openssl [pkgsrc-2012Q1]: Makefile distinfo Log Message: Pullup ticket #3782 - requested by taca security/openssl: security update Revisions pulled up: - security/openssl/Makefile 1.167 - security/openssl/distinfo 1.89 --- Module Name: pkgsrc Committed By: taca Date: Fri May 11 13:27:27 UTC 2012 Modified Files: pkgsrc/security/openssl: Makefile distinfo Log Message: Update openssl to 0.9.8x. OpenSSL CHANGES _______________ Changes between 0.9.8w and 0.9.8x [10 May 2012] *) Sanity check record length before skipping explicit IV in DTLS to fix DoS attack. Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing as a service testing platform. (CVE-2012-2333) [Steve Henson] *) Initialise tkeylen properly when encrypting CMS messages. Thanks to Solar Designer of Openwall for reporting this issue. [Steve Henson] To generate a diff of this commit: cvs rdiff -u -r1.164.2.2 -r1.164.2.3 pkgsrc/security/openssl/Makefile cvs rdiff -u -r1.86.2.2 -r1.86.2.3 pkgsrc/security/openssl/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.