From owner-cvs-src-old@FreeBSD.ORG  Sun Feb 13 11:09:56 2011
Return-Path: <owner-cvs-src-old@FreeBSD.ORG>
Delivered-To: cvs-src-old@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D476C10656C8
	for <cvs-src-old@freebsd.org>; Sun, 13 Feb 2011 11:09:56 +0000 (UTC)
	(envelope-from simon@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id C19A78FC12
	for <cvs-src-old@freebsd.org>; Sun, 13 Feb 2011 11:09:56 +0000 (UTC)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.4/8.14.4) with ESMTP id p1DB9uUK097201
	for <cvs-src-old@freebsd.org>; Sun, 13 Feb 2011 11:09:56 GMT
	(envelope-from simon@repoman.freebsd.org)
Received: (from svn2cvs@localhost)
	by repoman.freebsd.org (8.14.4/8.14.4/Submit) id p1DB9u7a097200
	for cvs-src-old@freebsd.org; Sun, 13 Feb 2011 11:09:56 GMT
	(envelope-from simon@repoman.freebsd.org)
Message-Id: <201102131109.p1DB9u7a097200@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: svn2cvs set sender to
	simon@repoman.freebsd.org using -f
From: "Simon L. Nielsen" <simon@FreeBSD.org>
Date: Sun, 13 Feb 2011 11:09:39 +0000 (UTC)
To: cvs-src-old@freebsd.org
X-FreeBSD-CVS-Branch: RELENG_8_2
Subject: cvs commit: src/crypto/openssl/ssl t1_lib.c
X-BeenThere: cvs-src-old@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: **OBSOLETE** CVS commit messages for the src tree
	<cvs-src-old.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src-old>
List-Post: <mailto:cvs-src-old@freebsd.org>
List-Help: <mailto:cvs-src-old-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Feb 2011 11:09:56 -0000

simon       2011-02-13 11:09:39 UTC

  FreeBSD src repository

  Modified files:        (Branch: RELENG_8_2)
    crypto/openssl/ssl   t1_lib.c 
  Log:
  SVN rev 218635 on 2011-02-13 11:09:39Z by simon
  
  MFS 218633:
  
  Fix Incorrectly formatted ClientHello SSL/TLS handshake messages could
  cause OpenSSL to parse past the end of the message.
  
  Note: Applications are only affected if they act as a server and call
  SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX. This includes
  Apache httpd >= 2.3.3, if configured with "SSLUseStapling On".
  
  The very quick merge is done to get this fix into 7.4 / 8.2.
  
  Approved by:    re (bz)
  Obtained from:  OpenSSL CVS
  Security:       http://www.openssl.org/news/secadv_20110208.txt
  Security:       CVE-2011-0014
  
  Revision     Changes    Path
  1.2.2.2.2.1  +7 -1      src/crypto/openssl/ssl/t1_lib.c