Module Name: src Committed By: snj Date: Sun Mar 28 15:43:25 UTC 2010
Modified Files: src/doc [netbsd-5-0]: CHANGES-5.0.3 Log Message: Tickets 1352 and 1355. To generate a diff of this commit: cvs rdiff -u -r1.1.2.6 -r1.1.2.7 src/doc/CHANGES-5.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/doc/CHANGES-5.0.3 diff -u src/doc/CHANGES-5.0.3:1.1.2.6 src/doc/CHANGES-5.0.3:1.1.2.7 --- src/doc/CHANGES-5.0.3:1.1.2.6 Sat Mar 6 23:21:18 2010 +++ src/doc/CHANGES-5.0.3 Sun Mar 28 15:43:25 2010 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.0.3,v 1.1.2.6 2010/03/06 23:21:18 sborrill Exp $ +# $NetBSD: CHANGES-5.0.3,v 1.1.2.7 2010/03/28 15:43:25 snj Exp $ A complete list of changes from the NetBSD 5.0.2 release to the NetBSD 5.0.3 release: @@ -158,3 +158,16 @@ Should fix PR#42881. [joerg, ticket #1320] +crypto/dist/openssl/ssl/s3_pkt.c patch + + Apply patchset 19476 from openssl repository, fixing CVE-2010-0740. + From http://www.openssl.org/news/secadv_20100324.txt: + "In TLS connections, certain incorrectly formatted records can cause + an OpenSSL client or server to crash due to a read attempt at NULL". + [bouyer, ticket #1355] + +sys/kern/uipc_syscalls.c patch + + In do_sys_recvmsg(), call free(9) with the same type malloc(9) used. + [jakllsch, ticket #1352] +