CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2016/05/04 02:07:03
Modified files:
security/openssl: Makefile distinfo
security/openssl/patches: patch-config
Log message:
update to OpenSSL-1.0.2h:
*) Prevent padding oracle in AES-NI CBC MAC check
*) Fix EVP_EncodeUpdate overflow
*) Fix EVP_EncryptUpdate overflow
*) Prevent ASN.1 BIO excessive memory allocation
*) EBCDIC overread
*) Modify behavior of ALPN to invoke callback after SNI/servername
callback, such that updates to the SSL_CTX affect ALPN.
*) Remove LOW from the DEFAULT cipher list, removing single DES
from the default.
*) Only remove the SSLv2 methods with the no-ssl2-method option.
When the methods are enabled and ssl2 is disabled the methods return
NULL. (i.e. restore ABI compat with pre-1.0.2g cf. SSLv2_*_method)
