diff options
author | simon <simon@FreeBSD.org> | 2010-04-01 15:19:51 +0000 |
---|---|---|
committer | simon <simon@FreeBSD.org> | 2010-04-01 15:19:51 +0000 |
commit | 2176e0cd52d68263d3d2ff39461442b734360fe1 (patch) | |
tree | 9b9ed316e70ff8c7ea71526ab69ab131960e8b72 /crypto/openssl/CHANGES | |
parent | 348853b7ae1be0b9abbde8c1b0ad8dcb786a2cb7 (diff) | |
download | FreeBSD-src-2176e0cd52d68263d3d2ff39461442b734360fe1.zip FreeBSD-src-2176e0cd52d68263d3d2ff39461442b734360fe1.tar.gz |
Merge OpenSSL 0.9.8n into head.
This fixes CVE-2010-0740 which only affected -CURRENT (OpenSSL 0.9.8m)
but not -STABLE branches.
I have not yet been able to find out if CVE-2010-0433 impacts FreeBSD.
This will be investigated further.
Security: CVE-2010-0433, CVE-2010-0740
Security: http://www.openssl.org/news/secadv_20100324.txt
Diffstat (limited to 'crypto/openssl/CHANGES')
-rw-r--r-- | crypto/openssl/CHANGES | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/crypto/openssl/CHANGES b/crypto/openssl/CHANGES index 97b3810..b350da7 100644 --- a/crypto/openssl/CHANGES +++ b/crypto/openssl/CHANGES @@ -2,6 +2,21 @@ OpenSSL CHANGES _______________ + Changes between 0.9.8m and 0.9.8n [24 Mar 2010] + + *) When rejecting SSL/TLS records due to an incorrect version number, never + update s->server with a new major version number. As of + - OpenSSL 0.9.8m if 'short' is a 16-bit type, + - OpenSSL 0.9.8f if 'short' is longer than 16 bits, + the previous behavior could result in a read attempt at NULL when + receiving specific incorrect SSL/TLS records once record payload + protection is active. (CVE-2010-0740) + [Bodo Moeller, Adam Langley <agl@chromium.org>] + + *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL + could be crashed if the relevant tables were not present (e.g. chrooted). + [Tomas Hoger <thoger@redhat.com>] + Changes between 0.9.8l and 0.9.8m [25 Feb 2010] *) Always check bn_wexpend() return values for failure. (CVE-2009-3245) |