CVS commit: [netbsd-7] src/doc

[Jeff Rizzo]

Module Name:    src
Committed By:   riz
Date:           Thu Mar 19 16:50:43 UTC 2015

Modified Files:
        src/doc [netbsd-7]: CHANGES-7.0

Log Message:
Ticket 625


To generate a diff of this commit:
cvs rdiff -u -r1.1.2.232 -r1.1.2.233 src/doc/CHANGES-7.0

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/doc/CHANGES-7.0
diff -u src/doc/CHANGES-7.0:1.1.2.232 src/doc/CHANGES-7.0:1.1.2.233
--- src/doc/CHANGES-7.0:1.1.2.232	Wed Mar 18 08:52:00 2015
+++ src/doc/CHANGES-7.0	Thu Mar 19 16:50:43 2015
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-7.0,v 1.1.2.232 2015/03/18 08:52:00 snj Exp $
+# $NetBSD: CHANGES-7.0,v 1.1.2.233 2015/03/19 16:50:43 riz Exp $
 
 A complete list of changes from the initial NetBSD 7.0 branch on 11 Aug 2014
 until the 7.0 release:
@@ -18767,3 +18767,22 @@ share/man/man9/pserialize.9			1.4-1.8
 	Expand and clarify the pserialize(9) man page.
 	[riastradh, ticket #607]
 
+crypto/external/bsd/openssl/dist/crypto/asn1/a_type.c 1.2
+crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c 1.2
+crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.c 1.2
+crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_lib.c 1.2
+crypto/external/bsd/openssl/dist/doc/crypto/d2i_X509.pod 1.2
+crypto/external/bsd/openssl/dist/ssl/s2_lib.c	1.3
+crypto/external/bsd/openssl/dist/ssl/s2_srvr.c	1.2
+
+	Address OpenSSL Security Advisory [19 Mar 2015]:
+	RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
+	Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286)
+	ASN.1 structure reuse memory corruption (CVE-2015-0287)
+	PKCS7 NULL pointer dereferences (CVE-2015-0289)
+	Base64 decode (CVE-2015-0292)
+	DoS via reachable assert in SSLv2 servers (CVE-2015-0293)
+	Use After Free following d2i_ECPrivatekey error (CVE-2015-0209)
+	X509_to_X509_REQ NULL pointer deref (CVE-2015-0288)
+	[spz, ticket #625]
+