MFC: r312825

Merge OpenSSL 1.0.2k.
author: jkim <jkim@FreeBSD.org> 2017-01-26 19:14:14 +0000
committer: jkim <jkim@FreeBSD.org> 2017-01-26 19:14:14 +0000
commit: 4aed7e4ccd53660aa6e7f0b024a4ce55a3227abc (patch)
tree: f87776322a432fb3baf9f4ce835356d8b54ff8a7 /crypto/openssl/NEWS
parent: 778f6f84c2d897983421773093f18137a785cb40 (diff)
download: FreeBSD-src-4aed7e4ccd53660aa6e7f0b024a4ce55a3227abc.zip
FreeBSD-src-4aed7e4ccd53660aa6e7f0b024a4ce55a3227abc.tar.gz
1 files changed, 7 insertions, 1 deletions
diff --git a/crypto/openssl/NEWS b/crypto/openssl/NEWS
index c057963..be4a266 100644
--- a/crypto/openssl/NEWS
+++ b/crypto/openssl/NEWS
@@ -5,9 +5,15 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [26 Jan 2017]
+
+      o Truncated packet could crash via OOB read (CVE-2017-3731)
+      o BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
+      o Montgomery multiplication may produce incorrect results (CVE-2016-7055)
+
   Major changes between OpenSSL 1.0.2i and OpenSSL 1.0.2j [26 Sep 2016]
 
-      o Fix Use After Free for large message sizes (CVE-2016-6309)
+      o Missing CRL sanity check (CVE-2016-7052)
 
   Major changes between OpenSSL 1.0.2h and OpenSSL 1.0.2i [22 Sep 2016]
author	jkim <jkim@FreeBSD.org>	2017-01-26 19:14:14 +0000
committer	jkim <jkim@FreeBSD.org>	2017-01-26 19:14:14 +0000
commit	4aed7e4ccd53660aa6e7f0b024a4ce55a3227abc (patch)
tree	f87776322a432fb3baf9f4ce835356d8b54ff8a7 /crypto/openssl/NEWS
parent	778f6f84c2d897983421773093f18137a785cb40 (diff)
download	FreeBSD-src-4aed7e4ccd53660aa6e7f0b024a4ce55a3227abc.zip FreeBSD-src-4aed7e4ccd53660aa6e7f0b024a4ce55a3227abc.tar.gz