Hey, RELENG_7 isn't -STABLE yet, so the issue mention in the commit mail beolow will not get a Security Advisory. This only affects applications using DTLS, and I doubt there are many of those, but users should still upgrade to get this fix, just in case.
See the OpenSSL advisory for some more details: http://www.openssl.org/news/secadv_20071012.txt If anybody were wondering, and hadn't checked the OpenSSL advisory: older versions of FreeBSD aren't affected as they have OpenSSL 0.9.7 which isn't affected (it doesn't have DTLS support). ----- Forwarded message from "Simon L. Nielsen" <[EMAIL PROTECTED]> ----- From: "Simon L. Nielsen" <[EMAIL PROTECTED]> Date: Thu, 18 Oct 2007 22:20:04 +0000 (UTC) To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: cvs commit: src/crypto/openssl/ssl d1_both.c dtls1.h ssl.h ssl_err.c simon 2007-10-18 22:20:04 UTC FreeBSD src repository Modified files: (Branch: RELENG_7) crypto/openssl/ssl d1_both.c dtls1.h ssl.h ssl_err.c Log: MFC: Import DTLS security fix from upstream OpenSSL_0_9_8-stable branch. Security: CVE-2007-4995 Security: http://www.openssl.org/news/secadv_20071012.txt Approved by: re (kensmith) Revision Changes Path 1.1.1.1.2.1 +533 -605 src/crypto/openssl/ssl/d1_both.c 1.1.1.1.2.1 +3 -4 src/crypto/openssl/ssl/dtls1.h 1.1.1.16.2.1 +1 -0 src/crypto/openssl/ssl/ssl.h 1.1.1.11.2.1 +1 -0 src/crypto/openssl/ssl/ssl_err.c ----- End forwarded message ----- -- Simon L. Nielsen FreeBSD Deputy Security Officer
pgp01rCYA40Ei.pgp
Description: PGP signature
