CVS commit: [netbsd-6-0] src/crypto/external/bsd/openssl/dist
Module Name:src Committed By: snj Date: Fri Aug 18 05:32:57 UTC 2017 Modified Files: src/crypto/external/bsd/openssl/dist/crypto [netbsd-6-0]: crypto.h ex_data.c mem.c src/crypto/external/bsd/openssl/dist/crypto/asn1 [netbsd-6-0]: a_set.c asn1.h asn1_mac.h asn_pack.c x_x509.c src/crypto/external/bsd/openssl/dist/crypto/bio [netbsd-6-0]: bio.h bio_lib.c src/crypto/external/bsd/openssl/dist/crypto/comp [netbsd-6-0]: c_zlib.c src/crypto/external/bsd/openssl/dist/crypto/dh [netbsd-6-0]: dh.h dh_lib.c src/crypto/external/bsd/openssl/dist/crypto/dsa [netbsd-6-0]: dsa.h dsa_lib.c src/crypto/external/bsd/openssl/dist/crypto/ec [netbsd-6-0]: ec.h ec_key.c ec_lcl.h ec_lib.c src/crypto/external/bsd/openssl/dist/crypto/ecdh [netbsd-6-0]: ecdh.h ech_lib.c src/crypto/external/bsd/openssl/dist/crypto/ecdsa [netbsd-6-0]: ecdsa.h ecs_lib.c src/crypto/external/bsd/openssl/dist/crypto/engine [netbsd-6-0]: eng_lib.c engine.h src/crypto/external/bsd/openssl/dist/crypto/objects [netbsd-6-0]: o_names.c objects.h src/crypto/external/bsd/openssl/dist/crypto/rsa [netbsd-6-0]: rsa.h rsa_lib.c src/crypto/external/bsd/openssl/dist/crypto/stack [netbsd-6-0]: safestack.h src/crypto/external/bsd/openssl/dist/crypto/store [netbsd-6-0]: store.h str_lib.c src/crypto/external/bsd/openssl/dist/crypto/ui [netbsd-6-0]: ui.h ui_lib.c src/crypto/external/bsd/openssl/dist/crypto/x509 [netbsd-6-0]: x509.h x509_vfy.c x509_vfy.h src/crypto/external/bsd/openssl/dist/ssl [netbsd-6-0]: ssl.h ssl_lib.c ssl_sess.c Log Message: Apply patch (requested by mrg in ticket #1497): rename free_func to freefunc, following -current, to avoid namespace clashes with zlib.h. To generate a diff of this commit: cvs rdiff -u -r1.3.10.2 -r1.3.10.3 \ src/crypto/external/bsd/openssl/dist/crypto/crypto.h cvs rdiff -u -r1.1.1.1.14.1 -r1.1.1.1.14.2 \ src/crypto/external/bsd/openssl/dist/crypto/ex_data.c cvs rdiff -u -r1.1.1.2.4.2.4.4 -r1.1.1.2.4.2.4.5 \ src/crypto/external/bsd/openssl/dist/crypto/mem.c cvs rdiff -u -r1.1.1.2.14.2 -r1.1.1.2.14.3 \ src/crypto/external/bsd/openssl/dist/crypto/asn1/a_set.c \ src/crypto/external/bsd/openssl/dist/crypto/asn1/asn_pack.c cvs rdiff -u -r1.1.1.4.4.1.4.2 -r1.1.1.4.4.1.4.3 \ src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h cvs rdiff -u -r1.1.1.1.14.1 -r1.1.1.1.14.2 \ src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1_mac.h cvs rdiff -u -r1.1.1.2.10.4 -r1.1.1.2.10.5 \ src/crypto/external/bsd/openssl/dist/crypto/asn1/x_x509.c cvs rdiff -u -r1.1.1.3.8.1.4.4 -r1.1.1.3.8.1.4.5 \ src/crypto/external/bsd/openssl/dist/crypto/bio/bio.h cvs rdiff -u -r1.1.1.2.4.1.4.3 -r1.1.1.2.4.1.4.4 \ src/crypto/external/bsd/openssl/dist/crypto/bio/bio_lib.c cvs rdiff -u -r1.2.14.2 -r1.2.14.3 \ src/crypto/external/bsd/openssl/dist/crypto/comp/c_zlib.c cvs rdiff -u -r1.1.1.2.8.1.4.1 -r1.1.1.2.8.1.4.2 \ src/crypto/external/bsd/openssl/dist/crypto/dh/dh.h cvs rdiff -u -r1.1.1.1.8.1.4.1 -r1.1.1.1.8.1.4.2 \ src/crypto/external/bsd/openssl/dist/crypto/dh/dh_lib.c cvs rdiff -u -r1.1.1.3.4.1.4.1 -r1.1.1.3.4.1.4.2 \ src/crypto/external/bsd/openssl/dist/crypto/dsa/dsa.h cvs rdiff -u -r1.1.1.1.8.1.4.1 -r1.1.1.1.8.1.4.2 \ src/crypto/external/bsd/openssl/dist/crypto/dsa/dsa_lib.c cvs rdiff -u -r1.1.1.2.4.1.4.4 -r1.1.1.2.4.1.4.5 \ src/crypto/external/bsd/openssl/dist/crypto/ec/ec.h \ src/crypto/external/bsd/openssl/dist/crypto/ec/ec_key.c cvs rdiff -u -r1.1.1.2.4.1.4.3 -r1.1.1.2.4.1.4.4 \ src/crypto/external/bsd/openssl/dist/crypto/ec/ec_lcl.h cvs rdiff -u -r1.1.1.1.8.1.4.5 -r1.1.1.1.8.1.4.6 \ src/crypto/external/bsd/openssl/dist/crypto/ec/ec_lib.c cvs rdiff -u -r1.1.1.1.8.1.4.1 -r1.1.1.1.8.1.4.2 \ src/crypto/external/bsd/openssl/dist/crypto/ecdh/ecdh.h cvs rdiff -u -r1.1.1.2.4.1.4.2 -r1.1.1.2.4.1.4.3 \ src/crypto/external/bsd/openssl/dist/crypto/ecdh/ech_lib.c cvs rdiff -u -r1.1.1.1.8.1.4.1 -r1.1.1.1.8.1.4.2 \ src/crypto/external/bsd/openssl/dist/crypto/ecdsa/ecdsa.h cvs rdiff -u -r1.1.1.2.4.1.4.2 -r1.1.1.2.4.1.4.3 \ src/crypto/external/bsd/openssl/dist/crypto/ecdsa/ecs_lib.c cvs rdiff -u -r1.1.1.1.14.1 -r1.1.1.1.14.2 \ src/crypto/external/bsd/openssl/dist/crypto/engine/eng_lib.c cvs rdiff -u -r1.3.4.1.4.1 -r1.3.4.1.4.2 \ src/crypto/external/bsd/openssl/dist/crypto/engine/engine.h cvs rdiff -u -r1.2.14.3 -r1.2.14.4 \ src/crypto/external/bsd/openssl/dist/crypto/objects/o_names.c cvs rdiff -u -r1.1.1.1.14.1 -r1.1.1.1.14.2 \ src/crypto/external/bsd/openssl/dist/crypto/objects/objects.h cvs rdiff -u -r1.1.1.2.4.1.4.3 -r1.1.1.2.4.1.4.4 \ src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa.h cvs rdiff -u -r1.1.1.3.4.1.4.
CVS commit: [netbsd-6-0] src/crypto/external/bsd/openssl/dist/crypto/evp
Module Name:src Committed By: snj Date: Sun Feb 5 05:52:42 UTC 2017 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/evp [netbsd-6-0]: e_rc4_hmac_md5.c Log Message: Apply patch (requested by spz in ticket #1355): Fix CVE-2017-3731. To generate a diff of this commit: cvs rdiff -u -r1.1.1.1.2.2.4.2 -r1.1.1.1.2.2.4.3 \ src/crypto/external/bsd/openssl/dist/crypto/evp/e_rc4_hmac_md5.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-6-0] src/crypto/external/bsd/openssl
Module Name:src Committed By: bouyer Date: Wed Oct 5 10:41:28 UTC 2016 Added Files: src/crypto/external/bsd/openssl/dist/doc/crypto [netbsd-6-0]: d2i_PrivateKey.pod src/crypto/external/bsd/openssl/lib/libcrypto/man [netbsd-6-0]: d2i_PrivateKey.3 Log Message: src/doc/3RDPARTYpatch src/distrib/sets/lists/comp/mi patch src/crypto/external/bsd/openssl/dist/CHANGESpatch src/crypto/external/bsd/openssl/dist/CONTRIBUTING patch src/crypto/external/bsd/openssl/dist/Configure patch src/crypto/external/bsd/openssl/dist/Makefile patch src/crypto/external/bsd/openssl/dist/NEWS patch src/crypto/external/bsd/openssl/dist/README patch src/crypto/external/bsd/openssl/dist/openssl.spec patch src/crypto/external/bsd/openssl/dist/apps/apps.cpatch src/crypto/external/bsd/openssl/dist/apps/enc.c patch src/crypto/external/bsd/openssl/dist/apps/passwd.c patch src/crypto/external/bsd/openssl/dist/apps/s_server.cpatch src/crypto/external/bsd/openssl/dist/apps/x509.cpatch src/crypto/external/bsd/openssl/dist/crypto/md32_common.h patch src/crypto/external/bsd/openssl/dist/crypto/opensslv.h patch src/crypto/external/bsd/openssl/dist/crypto/asn1/a_bytes.c patch src/crypto/external/bsd/openssl/dist/crypto/asn1/a_object.c patch src/crypto/external/bsd/openssl/dist/crypto/asn1/a_set.cpatch src/crypto/external/bsd/openssl/dist/crypto/asn1/asn1_lib.c patch src/crypto/external/bsd/openssl/dist/crypto/asn1/asn_mime.c patch src/crypto/external/bsd/openssl/dist/crypto/asn1/d2i_pr.c patch src/crypto/external/bsd/openssl/dist/crypto/asn1/f_enum.c patch src/crypto/external/bsd/openssl/dist/crypto/asn1/f_int.cpatch src/crypto/external/bsd/openssl/dist/crypto/asn1/f_string.c patch src/crypto/external/bsd/openssl/dist/crypto/asn1/p5_pbe.c patch src/crypto/external/bsd/openssl/dist/crypto/asn1/p5_pbev2.c patch src/crypto/external/bsd/openssl/dist/crypto/asn1/tasn_enc.c patch src/crypto/external/bsd/openssl/dist/crypto/asn1/tasn_prn.c patch src/crypto/external/bsd/openssl/dist/crypto/asn1/x_name.c patch src/crypto/external/bsd/openssl/dist/crypto/bio/bf_nbio.c patch src/crypto/external/bsd/openssl/dist/crypto/bn/bn_lib.c patch src/crypto/external/bsd/openssl/dist/crypto/bn/bn_print.c patch src/crypto/external/bsd/openssl/dist/crypto/bn/bn_rand.cpatch src/crypto/external/bsd/openssl/dist/crypto/cms/cms_enc.c patch src/crypto/external/bsd/openssl/dist/crypto/cms/cms_ess.c patch src/crypto/external/bsd/openssl/dist/crypto/cms/cms_pwri.c patch src/crypto/external/bsd/openssl/dist/crypto/des/des.c patch src/crypto/external/bsd/openssl/dist/crypto/des/enc_writ.c patch src/crypto/external/bsd/openssl/dist/crypto/dsa/dsa_gen.c patch src/crypto/external/bsd/openssl/dist/crypto/dsa/dsa_ossl.c patch src/crypto/external/bsd/openssl/dist/crypto/evp/bio_ok.cpatch src/crypto/external/bsd/openssl/dist/crypto/evp/digest.cpatch src/crypto/external/bsd/openssl/dist/crypto/evp/e_seed.cpatch src/crypto/external/bsd/openssl/dist/crypto/md2/md2_dgst.c patch src/crypto/external/bsd/openssl/dist/crypto/mdc2/mdc2dgst.c patch src/crypto/external/bsd/openssl/dist/crypto/ocsp/ocsp_ext.c patch src/crypto/external/bsd/openssl/dist/crypto/pem/pem.h patch src/crypto/external/bsd/openssl/dist/crypto/pem/pem_err.c patch src/crypto/external/bsd/openssl/dist/crypto/pem/pem_lib.c patch src/crypto/external/bsd/openssl/dist/crypto/pem/pvkfmt.cpatch src/crypto/external/bsd/openssl/dist/crypto/pkcs12/p12_mutl.c patch src/crypto/external/bsd/openssl/dist/crypto/pkcs12/p12_npas.c patch src/crypto/external/bsd/openssl/dist/crypto/pkcs12/p12_utl.cpatch src/crypto/external/bsd/openssl/dist/crypto/pkcs12/pkcs12.h patch src/crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.cpatch src/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.cpatch src/crypto/external/bsd/openssl/dist/crypto/srp/srp_lib.c patch src/crypto/external/bsd/openssl/dist/crypto/srp/srp_vfy.c patch src/crypto/external/bsd/openssl/dist/crypto/ts/ts_lib.c patch s
CVS commit: [netbsd-6-0] src/crypto/external/bsd/openssl/lib/libcrypto
Module Name:src Committed By: snj Date: Wed Apr 15 04:30:11 UTC 2015 Modified Files: src/crypto/external/bsd/openssl/lib/libcrypto [netbsd-6-0]: evp.inc modes.inc src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386 [netbsd-6-0]: aes.inc Log Message: Pull up following revision(s) (requested by riastradh in ticket #832): crypto/external/bsd/openssl/lib/libcrypto/evp.inc: revision 1.5 crypto/external/bsd/openssl/lib/libcrypto/modes.inc: revision 1.3 crypto/external/bsd/openssl/lib/libcrypto/arch/i386/aes.inc: revision 1.3 Fix build goo for OpenSSL AES-NI support. OpenSSL now supports AES-NI in evp, not in an engine. We can now get rid of the no longer maintained aesni engine, which was broken last summer. Not only can OpenSSL now use AES-NI for everything it did before we broke it last summer, but it can also use AES-NI for more encryption modes than before, such as CTR. Tested on amd64, both vanilla and in an i386 chroot. ok christos To generate a diff of this commit: cvs rdiff -u -r1.2.4.1.4.2 -r1.2.4.1.4.3 \ src/crypto/external/bsd/openssl/lib/libcrypto/evp.inc cvs rdiff -u -r1.1.8.1.4.2 -r1.1.8.1.4.3 \ src/crypto/external/bsd/openssl/lib/libcrypto/modes.inc cvs rdiff -u -r1.2 -r1.2.10.1 \ src/crypto/external/bsd/openssl/lib/libcrypto/arch/i386/aes.inc Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-6-0] src/crypto/external/bsd/openssl/dist
Module Name:src Committed By: riz Date: Thu Mar 19 16:46:24 UTC 2015 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/asn1 [netbsd-6-0]: a_type.c tasn_dec.c src/crypto/external/bsd/openssl/dist/crypto/pkcs7 [netbsd-6-0]: pk7_doit.c pk7_lib.c src/crypto/external/bsd/openssl/dist/doc/crypto [netbsd-6-0]: d2i_X509.pod src/crypto/external/bsd/openssl/dist/ssl [netbsd-6-0]: s2_lib.c s2_srvr.c Log Message: Pull up following revision(s) (requested by spz in ticket #1281): crypto/external/bsd/openssl/dist/ssl/s2_lib.c: revision 1.3 crypto/external/bsd/openssl/dist/crypto/asn1/a_type.c: revision 1.2 crypto/external/bsd/openssl/dist/doc/crypto/d2i_X509.pod: revision 1.2 crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.c: revision 1.2 crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_lib.c: revision 1.2 crypto/external/bsd/openssl/dist/ssl/s2_srvr.c: revision 1.2 crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c: revision 1.2 patches for todays' OpenSSL security advisory from OpenSSL, as relevant to NetBSD base: OpenSSL Security Advisory [19 Mar 2015] === Reclassified: RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204) Severity: High This security issue was previously announced by the OpenSSL project and classified as "low" severity. This severity rating has now been changed to "high". This was classified low because it was originally thought that server RSA export ciphersuite support was rare: a client was only vulnerable to a MITM attack against a server which supports an RSA export ciphersuite. Recent studies have shown that RSA export ciphersuites support is far more common. This issue affects OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. ** issue already committed see last release ** OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd. This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team. It was previously announced in the OpenSSL security advisory on 8th January 2015. Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286) === Severity: Moderate The function ASN1_TYPE_cmp will crash with an invalid read if an attempt is made to compare ASN.1 boolean types. Since ASN1_TYPE_cmp is used to check certificate signature algorithm consistency this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication. This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. OpenSSL 1.0.2 users should upgrade to 1.0.2a commit 1b8ac2b07d02207f2b88e0b009b0bff4ef7eda96 OpenSSL 1.0.1 users should upgrade to 1.0.1m. commit ee5a1253285e5c9f406c8b57b0686319b70c07d8 OpenSSL 1.0.0 users should upgrade to 1.0.0r. commit 1e3ca524cb38ec92deea37629718e98aba43bc5d OpenSSL 0.9.8 users should upgrade to 0.9.8zf. commit 7058bd1712828a78d34457b1cfc32bdc1e6d3d33 This issue was discovered and fixed by Stephen Henson of the OpenSSL development team. ASN.1 structure reuse memory corruption (CVE-2015-0287) === Severity: Moderate Reusing a structure in ASN.1 parsing may allow an attacker to cause memory corruption via an invalid write. Such reuse is and has been strongly discouraged and is believed to be rare. Applications that parse structures containing CHOICE or ANY DEFINED BY components may be affected. Certificate parsing (d2i_X509 and related functions) are however not affected. OpenSSL clients and servers are not affected. This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. OpenSSL 1.0.2 users should upgrade to 1.0.2a commit 0ca8edbe6ec402e39c9e095f8ae11dba8fa93fc1 OpenSSL 1.0.1 users should upgrade to 1.0.1m. commit a9f34a7aac5fd89f33a34fb71e954b85fbf35875 OpenSSL 1.0.0 users should upgrade to 1.0.0r. commit d96692c933fe02829c3e922bf7f239e0bd003759 OpenSSL 0.9.8 users should upgrade to 0.9.8zf. commit 5722767d5dc1a3b5505058fe27877fc993fe9a5a This issue was discovered by Emilia K�sper and a fix developed by Stephen Henson of the OpenSSL development team. PKCS7 NULL pointer dereferences (CVE-2015-0289) === Severity: Moderate The PKCS#7 parsing code does not handle missing outer ContentInfo correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with missing content and trigger a NULL pointer dereference on parsing. Applications that verify PKCS#7 signatures, decrypt PKCS#7 data
CVS commit: [netbsd-6-0] src/crypto/external/bsd/openssl/dist/crypto
Module Name:src Committed By: snj Date: Sun Oct 26 19:54:53 UTC 2014 Added Files: src/crypto/external/bsd/openssl/dist/crypto [netbsd-6-0]: constant_time_locl.h Log Message: Apply patch (requested by spz in ticket 1170): update of openssl to the next higher version, 1.0.1j Upstream condensed log: Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014] o Fix for CVE-2014-3513 o Fix for CVE-2014-3567 o Mitigation for CVE-2014-3566 (SSL protocol vulnerability) o Fix for CVE-2014-3568 To generate a diff of this commit: cvs rdiff -u -r0 -r1.1.4.2 \ src/crypto/external/bsd/openssl/dist/crypto/constant_time_locl.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-6-0] src/crypto/external/bsd/openssl/dist
Module Name:src Committed By: snj Date: Sun Oct 26 19:52:04 UTC 2014 Modified Files: src/crypto/external/bsd/openssl/dist [netbsd-6-0]: CHANGES Configure Makefile NEWS README e_os.h makevms.com openssl.spec src/crypto/external/bsd/openssl/dist/apps [netbsd-6-0]: makeapps.com s_client.c src/crypto/external/bsd/openssl/dist/crypto [netbsd-6-0]: LPdir_vms.c LPdir_win.c Makefile crypto-lib.com ebcdic.h install-crypto.com opensslconf.h opensslv.h ossl_typ.h src/crypto/external/bsd/openssl/dist/crypto/aes/asm [netbsd-6-0]: aesni-x86_64.pl src/crypto/external/bsd/openssl/dist/crypto/asn1 [netbsd-6-0]: a_strex.c src/crypto/external/bsd/openssl/dist/crypto/bn [netbsd-6-0]: bn_exp.c bn_nist.c exptest.c src/crypto/external/bsd/openssl/dist/crypto/bn/asm [netbsd-6-0]: x86_64-gcc.c src/crypto/external/bsd/openssl/dist/crypto/dsa [netbsd-6-0]: dsa_ameth.c src/crypto/external/bsd/openssl/dist/crypto/ec [netbsd-6-0]: ec.h ec2_smpl.c ec_ameth.c ec_asn1.c ecp_mont.c ecp_nist.c ecp_smpl.c ectest.c src/crypto/external/bsd/openssl/dist/crypto/err [netbsd-6-0]: openssl.ec src/crypto/external/bsd/openssl/dist/crypto/evp [netbsd-6-0]: Makefile e_aes.c evp_enc.c src/crypto/external/bsd/openssl/dist/crypto/md5/asm [netbsd-6-0]: md5-x86_64.pl src/crypto/external/bsd/openssl/dist/crypto/modes [netbsd-6-0]: modes.h src/crypto/external/bsd/openssl/dist/crypto/ocsp [netbsd-6-0]: ocsp_vfy.c src/crypto/external/bsd/openssl/dist/crypto/pkcs7 [netbsd-6-0]: pkcs7.h src/crypto/external/bsd/openssl/dist/crypto/pqueue [netbsd-6-0]: pqueue.h src/crypto/external/bsd/openssl/dist/crypto/rsa [netbsd-6-0]: Makefile rsa.h rsa_err.c rsa_oaep.c rsa_pk1.c rsa_sign.c src/crypto/external/bsd/openssl/dist/crypto/stack [netbsd-6-0]: safestack.h src/crypto/external/bsd/openssl/dist/doc/apps [netbsd-6-0]: dgst.pod src/crypto/external/bsd/openssl/dist/doc/crypto [netbsd-6-0]: BIO_s_accept.pod EVP_DigestInit.pod EVP_DigestVerifyInit.pod EVP_EncryptInit.pod EVP_PKEY_set1_RSA.pod EVP_PKEY_sign.pod src/crypto/external/bsd/openssl/dist/doc/ssl [netbsd-6-0]: SSL_CTX_set_tmp_dh_callback.pod src/crypto/external/bsd/openssl/dist/engines [netbsd-6-0]: makeengines.com src/crypto/external/bsd/openssl/dist/ssl [netbsd-6-0]: Makefile d1_both.c d1_lib.c d1_srtp.c dtls1.h s23_clnt.c s23_srvr.c s2_lib.c s3_cbc.c s3_clnt.c s3_enc.c s3_lib.c s3_pkt.c s3_srvr.c srtp.h ssl-lib.com ssl.h ssl3.h ssl_err.c ssl_lib.c t1_enc.c t1_lib.c tls1.h src/crypto/external/bsd/openssl/dist/test [netbsd-6-0]: Makefile maketests.com tests.com testssl src/crypto/external/bsd/openssl/dist/util [netbsd-6-0]: mk1mf.pl mkdef.pl ssleay.num Log Message: Apply patch (requested by spz in ticket 1170): update of openssl to the next higher version, 1.0.1j Upstream condensed log: Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014] o Fix for CVE-2014-3513 o Fix for CVE-2014-3567 o Mitigation for CVE-2014-3566 (SSL protocol vulnerability) o Fix for CVE-2014-3568 To generate a diff of this commit: cvs rdiff -u -r1.1.1.4.4.1.4.3 -r1.1.1.4.4.1.4.4 \ src/crypto/external/bsd/openssl/dist/CHANGES cvs rdiff -u -r1.2.4.1.4.2 -r1.2.4.1.4.3 \ src/crypto/external/bsd/openssl/dist/Configure cvs rdiff -u -r1.1.1.1.2.2.4.3 -r1.1.1.1.2.2.4.4 \ src/crypto/external/bsd/openssl/dist/Makefile cvs rdiff -u -r1.1.1.2.4.1.4.3 -r1.1.1.2.4.1.4.4 \ src/crypto/external/bsd/openssl/dist/NEWS cvs rdiff -u -r1.1.1.3.4.1.4.3 -r1.1.1.3.4.1.4.4 \ src/crypto/external/bsd/openssl/dist/README \ src/crypto/external/bsd/openssl/dist/openssl.spec cvs rdiff -u -r1.1.1.3.4.1.4.1 -r1.1.1.3.4.1.4.2 \ src/crypto/external/bsd/openssl/dist/e_os.h cvs rdiff -u -r1.1.1.2.4.1 -r1.1.1.2.4.1.4.1 \ src/crypto/external/bsd/openssl/dist/makevms.com cvs rdiff -u -r1.1.1.2 -r1.1.1.2.10.1 \ src/crypto/external/bsd/openssl/dist/apps/makeapps.com cvs rdiff -u -r1.2.4.1.4.2 -r1.2.4.1.4.3 \ src/crypto/external/bsd/openssl/dist/apps/s_client.c cvs rdiff -u -r1.1.1.2 -r1.1.1.2.10.1 \ src/crypto/external/bsd/openssl/dist/crypto/LPdir_vms.c cvs rdiff -u -r1.1.1.1 -r1.1.1.1.14.1 \ src/crypto/external/bsd/openssl/dist/crypto/LPdir_win.c \ src/crypto/external/bsd/openssl/dist/crypto/ebcdic.h cvs rdiff -u -r1.1.1.2.4.1.4.1 -r1.1.1.2.4.1.4.2 \ src/crypto/external/bsd/openssl/dist/crypto/Makefile cvs rdiff -u -r1.1.1.3.4.1.4.1 -r1.1.1.3.4.1.4.2 \ src/crypto/external/bsd/openssl/dist/crypto/crypto-lib.com cvs rdiff -u -r1.1.1.1 -r1.
CVS commit: [netbsd-6-0] src/crypto/external/bsd/openssl
Module Name:src
Committed By: bouyer
Date: Tue Apr 8 20:23:14 UTC 2014
Modified Files:
src/crypto/external/bsd/openssl [netbsd-6-0]: pkgconfig.mk
Log Message:
Pull up following revision(s) (requested by tron in ticket #1045):
crypto/external/bsd/openssl/pkgconfig.mk: revision 1.5
Run the mkpc script using ${HOST_SH}
To generate a diff of this commit:
cvs rdiff -u -r1.5.6.2 -r1.5.6.3 src/crypto/external/bsd/openssl/pkgconfig.mk
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
CVS commit: [netbsd-6-0] src/crypto/external/bsd/openssl/dist/crypto
Module Name:src Committed By: bouyer Date: Thu Apr 3 19:02:00 UTC 2014 Modified Files: src/crypto/external/bsd/openssl/dist/crypto/bn [netbsd-6-0]: bn.h bn_lib.c src/crypto/external/bsd/openssl/dist/crypto/ec [netbsd-6-0]: ec2_mult.c Log Message: Pull up following revision(s) (requested by tron in ticket #1041): crypto/external/bsd/openssl/dist/crypto/ec/ec2_mult.c: revision 1.2 crypto/external/bsd/openssl/dist/crypto/bn/bn.h: revision 1.2 crypto/external/bsd/openssl/dist/crypto/bn/bn_lib.c: revision 1.2 Add fix for CVE-2014-0076 taken from OpenSSL GIT repository: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" by Yuval Yarom and Naomi Benger. Details can be obtained from: http://eprint.iacr.org/2014/140 To generate a diff of this commit: cvs rdiff -u -r1.1.1.2.4.1 -r1.1.1.2.4.1.4.1 \ src/crypto/external/bsd/openssl/dist/crypto/bn/bn.h cvs rdiff -u -r1.1.1.2 -r1.1.1.2.10.1 \ src/crypto/external/bsd/openssl/dist/crypto/bn/bn_lib.c cvs rdiff -u -r1.1.1.2.4.1 -r1.1.1.2.4.1.4.1 \ src/crypto/external/bsd/openssl/dist/crypto/ec/ec2_mult.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-6-0] src/crypto/external/bsd/openssl/dist/engines/ccgost
Module Name:src Committed By: riz Date: Sun Feb 10 20:20:56 UTC 2013 Modified Files: src/crypto/external/bsd/openssl/dist/engines/ccgost [netbsd-6-0]: gost_eng.c Log Message: Pull up following revision(s) (requested by manu in ticket #806): crypto/external/bsd/openssl/dist/engines/ccgost/gost_eng.c: revision 1.2 Pull multiple free bua fix from upstream: http://git.openssl.org/gitweb/?p=openssl.git;a=patch;h=d21bf10dea6588b63 2a65b4fe594e04f288aad83;hp=d47c01a31a67ff4370b1883a58cabd0279752bb4 Multiple copies of the ENGINE will cause problems when it is cleaned up as the methods are stored in static structures which will be overwritten and freed up more than once. Set static methods to NULL when the ENGINE is freed so it can be reloaded. To generate a diff of this commit: cvs rdiff -u -r1.1.1.1 -r1.1.1.1.14.1 \ src/crypto/external/bsd/openssl/dist/engines/ccgost/gost_eng.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
