Module Name: src
Committed By: riz
Date: Thu Mar 19 16:40:32 UTC 2015
Modified Files:
src/doc [netbsd-5-1]: CHANGES-5.1.6
Log Message:
Ticket 1594
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.20 -r1.1.2.21 src/doc/CHANGES-5.1.6
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-5.1.6
diff -u src/doc/CHANGES-5.1.6:1.1.2.20 src/doc/CHANGES-5.1.6:1.1.2.21
--- src/doc/CHANGES-5.1.6:1.1.2.20 Tue Mar 17 18:43:50 2015
+++ src/doc/CHANGES-5.1.6 Thu Mar 19 16:40:32 2015
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-5.1.6,v 1.1.2.20 2015/03/17 18:43:50 snj Exp $
+# $NetBSD: CHANGES-5.1.6,v 1.1.2.21 2015/03/19 16:40:32 riz Exp $
A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6
release:
@@ -2565,3 +2565,22 @@ xsrc/xfree/xc/lib/font/bitmap/bdfread.c
(bdfReadCharacters: ensure metrics fit into xCharInfo struct)
[mrg, ticket #1953]
+crypto/external/bsd/openssl/dist/crypto/asn1/a_type.c 1.2
+crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c 1.2
+crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.c 1.2
+crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_lib.c 1.2
+crypto/external/bsd/openssl/dist/doc/crypto/d2i_X509.pod 1.2
+crypto/external/bsd/openssl/dist/ssl/s2_lib.c 1.3
+crypto/external/bsd/openssl/dist/ssl/s2_srvr.c 1.2
+
+ Address OpenSSL Security Advisory [19 Mar 2015]:
+ RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
+ Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286)
+ ASN.1 structure reuse memory corruption (CVE-2015-0287)
+ PKCS7 NULL pointer dereferences (CVE-2015-0289)
+ Base64 decode (CVE-2015-0292)
+ DoS via reachable assert in SSLv2 servers (CVE-2015-0293)
+ Use After Free following d2i_ECPrivatekey error (CVE-2015-0209)
+ X509_to_X509_REQ NULL pointer deref (CVE-2015-0288)
+ [spz, ticket #1954]
+
