Module Name: src
Committed By: riz
Date: Thu Mar 19 16:46:02 UTC 2015
Modified Files:
src/doc [netbsd-6]: CHANGES-6.2
Log Message:
Ticket 1281
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.203 -r1.1.2.204 src/doc/CHANGES-6.2
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-6.2
diff -u src/doc/CHANGES-6.2:1.1.2.203 src/doc/CHANGES-6.2:1.1.2.204
--- src/doc/CHANGES-6.2:1.1.2.203 Tue Mar 17 19:39:10 2015
+++ src/doc/CHANGES-6.2 Thu Mar 19 16:46:02 2015
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-6.2,v 1.1.2.203 2015/03/17 19:39:10 snj Exp $
+# $NetBSD: CHANGES-6.2,v 1.1.2.204 2015/03/19 16:46:02 riz Exp $
A complete list of changes from the 6.1 release until the 6.2 release:
@@ -9745,3 +9745,22 @@ external/zlib/pigz/dist/zopfli/zopfli_li
sync pigz with HEAD.
[mrg, ticket #1268]
+crypto/external/bsd/openssl/dist/crypto/asn1/a_type.c 1.2
+crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c 1.2
+crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.c 1.2
+crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_lib.c 1.2
+crypto/external/bsd/openssl/dist/doc/crypto/d2i_X509.pod 1.2
+crypto/external/bsd/openssl/dist/ssl/s2_lib.c 1.3
+crypto/external/bsd/openssl/dist/ssl/s2_srvr.c 1.2
+
+ Address OpenSSL Security Advisory [19 Mar 2015]:
+ Reclassified: RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
+ Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286)
+ ASN.1 structure reuse memory corruption (CVE-2015-0287)
+ PKCS7 NULL pointer dereferences (CVE-2015-0289)
+ Base64 decode (CVE-2015-0292)
+ DoS via reachable assert in SSLv2 servers (CVE-2015-0293)
+ Use After Free following d2i_ECPrivatekey error (CVE-2015-0209)
+ X509_to_X509_REQ NULL pointer deref (CVE-2015-0288)
+ [spz, ticket #1281]
+
