CVSROOT: /cvs Module name: ports Changes by: st...@cvs.openbsd.org 2021/02/16 10:10:06
Modified files: security/openssl/1.1: Makefile distinfo security/openssl/1.1/patches: patch-Configurations_10-main_conf security/openssl/1.1/pkg: PLIST Log message: update to OpenSSL 1.1.1.j - Fixed a NULL pointer deref in the X509_issuer_and_serial_hash() function (CVE-2021-23841) - Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING padding mode to correctly check for rollback attacks - Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate functions (CVE-2021-23840) - Fixed SRP_Calc_client_key so that it runs in constant time