Module Name: src
Committed By: snj
Date: Sun Mar 28 15:43:25 UTC 2010
Modified Files:
src/doc [netbsd-5-0]: CHANGES-5.0.3
Log Message:
Tickets 1352 and 1355.
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.6 -r1.1.2.7 src/doc/CHANGES-5.0.3
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-5.0.3
diff -u src/doc/CHANGES-5.0.3:1.1.2.6 src/doc/CHANGES-5.0.3:1.1.2.7
--- src/doc/CHANGES-5.0.3:1.1.2.6 Sat Mar 6 23:21:18 2010
+++ src/doc/CHANGES-5.0.3 Sun Mar 28 15:43:25 2010
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-5.0.3,v 1.1.2.6 2010/03/06 23:21:18 sborrill Exp $
+# $NetBSD: CHANGES-5.0.3,v 1.1.2.7 2010/03/28 15:43:25 snj Exp $
A complete list of changes from the NetBSD 5.0.2 release to the NetBSD 5.0.3
release:
@@ -158,3 +158,16 @@
Should fix PR#42881.
[joerg, ticket #1320]
+crypto/dist/openssl/ssl/s3_pkt.c patch
+
+ Apply patchset 19476 from openssl repository, fixing CVE-2010-0740.
+ From http://www.openssl.org/news/secadv_20100324.txt:
+ "In TLS connections, certain incorrectly formatted records can cause
+ an OpenSSL client or server to crash due to a read attempt at NULL".
+ [bouyer, ticket #1355]
+
+sys/kern/uipc_syscalls.c patch
+
+ In do_sys_recvmsg(), call free(9) with the same type malloc(9) used.
+ [jakllsch, ticket #1352]
+
