Date: Wed, 22 Apr 2009 14:07:14 +0000 (UTC) From: Colin Percival <cperciva@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src/crypto/openssl/crypto/asn1 asn1.h asn1_err.c tasn_dec.c Message-ID: <200904221433.n3MEXk36045539@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
cperciva 2009-04-22 14:07:14 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_6)
crypto/openssl/crypto/asn1 asn1.h asn1_err.c tasn_dec.c
Log:
SVN rev 191381 on 2009-04-22 14:07:14Z by cperciva
Don't leak information via uninitialized space in db(3) records. [09:07]
Sanity-check string lengths in order to stop OpenSSL crashing
when printing corrupt BMPString or UniversalString objects. [09:08]
Security: FreeBSD-SA-09:07.libc
Security: FreeBSD-SA-09:08.openssl
Security: CVE-2009-0590
Approved by: re (kensmith)
Approved by: so (cperciva)
Revision Changes Path
1.1.1.7.10.1 +2 -0 src/crypto/openssl/crypto/asn1/asn1.h
1.1.1.4.12.1 +2 -0 src/crypto/openssl/crypto/asn1/asn1_err.c
1.1.1.2.10.2 +12 -0 src/crypto/openssl/crypto/asn1/tasn_dec.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200904221433.n3MEXk36045539>