CVS: cvs.openbsd.org: ports

Stuart Henderson Tue, 16 Feb 2021 09:10:17 -0800

CVSROOT:        /cvs
Module name:    ports
Changes by:     st...@cvs.openbsd.org   2021/02/16 10:10:06


Modified files:
        security/openssl/1.1: Makefile distinfo 
        security/openssl/1.1/patches: patch-Configurations_10-main_conf 
        security/openssl/1.1/pkg: PLIST 

Log message:
update to OpenSSL 1.1.1.j

- Fixed a NULL pointer deref in the X509_issuer_and_serial_hash()
function (CVE-2021-23841)

- Fixed the RSA_padding_check_SSLv23() function and the
RSA_SSLV23_PADDING padding mode to correctly check for rollback attacks

- Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and
EVP_DecryptUpdate functions (CVE-2021-23840)

- Fixed SRP_Calc_client_key so that it runs in constant time

CVS: cvs.openbsd.org: ports

Reply via email to