CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2021/02/16 10:10:06
Modified files:
security/openssl/1.1: Makefile distinfo
security/openssl/1.1/patches: patch-Configurations_10-main_conf
security/openssl/1.1/pkg: PLIST
Log message:
update to OpenSSL 1.1.1.j
- Fixed a NULL pointer deref in the X509_issuer_and_serial_hash()
function (CVE-2021-23841)
- Fixed the RSA_padding_check_SSLv23() function and the
RSA_SSLV23_PADDING padding mode to correctly check for rollback attacks
- Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and
EVP_DecryptUpdate functions (CVE-2021-23840)
- Fixed SRP_Calc_client_key so that it runs in constant time
