Module Name: src
Committed By: riz
Date: Thu Mar 19 16:41:13 UTC 2015
Modified Files:
src/doc [netbsd-5-2]: CHANGES-5.2.4
Log Message:
Ticket 1594.
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.21 -r1.1.2.22 src/doc/CHANGES-5.2.4
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-5.2.4
diff -u src/doc/CHANGES-5.2.4:1.1.2.21 src/doc/CHANGES-5.2.4:1.1.2.22
--- src/doc/CHANGES-5.2.4:1.1.2.21 Tue Mar 17 18:44:37 2015
+++ src/doc/CHANGES-5.2.4 Thu Mar 19 16:41:13 2015
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-5.2.4,v 1.1.2.21 2015/03/17 18:44:37 snj Exp $
+# $NetBSD: CHANGES-5.2.4,v 1.1.2.22 2015/03/19 16:41:13 riz Exp $
A complete list of changes from the NetBSD 5.2.3 release to the NetBSD 5.2.4
release:
@@ -2565,3 +2565,22 @@ xsrc/xfree/xc/lib/font/bitmap/bdfread.c
(bdfReadCharacters: ensure metrics fit into xCharInfo struct)
[mrg, ticket #1953]
+crypto/external/bsd/openssl/dist/crypto/asn1/a_type.c 1.2
+crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c 1.2
+crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.c 1.2
+crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_lib.c 1.2
+crypto/external/bsd/openssl/dist/doc/crypto/d2i_X509.pod 1.2
+crypto/external/bsd/openssl/dist/ssl/s2_lib.c 1.3
+crypto/external/bsd/openssl/dist/ssl/s2_srvr.c 1.2
+
+ Address OpenSSL Security Advisory [19 Mar 2015]:
+ RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
+ Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286)
+ ASN.1 structure reuse memory corruption (CVE-2015-0287)
+ PKCS7 NULL pointer dereferences (CVE-2015-0289)
+ Base64 decode (CVE-2015-0292)
+ DoS via reachable assert in SSLv2 servers (CVE-2015-0293)
+ Use After Free following d2i_ECPrivatekey error (CVE-2015-0209)
+ X509_to_X509_REQ NULL pointer deref (CVE-2015-0288)
+ [spz, ticket #1954]
+
