the bitrig master branch has been updated by patrick with 1 new commit: commit dba135472472e425b5c16cf4b04d738196fdb29e diff: https://github.com/bitrig/bitrig/commit/dba1354 author: Patrick Wildt <[email protected]> date: Thu Mar 19 16:05:00 2015 +0100
OpenBSD 5.7 errata 3, March 19, 2015 Fix several crash causing defects from OpenSSL. These include: CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp CVE-2015-0287 - ASN.1 structure reuse memory corruption CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref CVE-2015-0289 - PKCS7 NULL pointer dereferences Several other issues did not apply or were already fixed. Refer to https://www.openssl.org/news/secadv_20150319.txt ok pedro@ M lib/libssl/src/crypto/asn1/a_int.c M lib/libssl/src/crypto/asn1/a_set.c M lib/libssl/src/crypto/asn1/a_type.c M lib/libssl/src/crypto/asn1/d2i_pr.c M lib/libssl/src/crypto/asn1/d2i_pu.c M lib/libssl/src/crypto/asn1/n_pkey.c M lib/libssl/src/crypto/asn1/tasn_dec.c M lib/libssl/src/crypto/asn1/x_x509.c M lib/libssl/src/crypto/ec/ec_asn1.c M lib/libssl/src/crypto/pkcs7/pk7_doit.c M lib/libssl/src/crypto/pkcs7/pk7_lib.c M lib/libssl/src/crypto/x509/x509_req.c M lib/libssl/src/ssl/d1_lib.c
