CVSROOT: /cvs
Module name: ports
Changes by: st...@cvs.openbsd.org 2014/11/04 12:45:41
Modified files:
security/polarssl: Makefile distinfo
Added files:
security/polarssl/patches: patch-CMakeLists_txt
Log message:
update to polarssl 1.3.9, security fixes (but note that nothing in the ports
tree currently uses this library)
* Lowest common hash was selected from signature_algorithms extension in
TLS 1.2 (found by Darren Bane) (introduced in 1.3.8).
* Remotely-triggerable memory leak when parsing some X.509 certificates
(server is not affected if it doesn't ask for a client certificate)
(found using Codenomicon Defensics).
* Remotely-triggerable memory leak when parsing crafted ClientHello
(not affected if ECC support was compiled out) (found using Codenomicon
Defensics).
