From owner-cvs-src-old@FreeBSD.ORG  Wed Apr 22 14:38:56 2009
Return-Path: <owner-cvs-src-old@FreeBSD.ORG>
Delivered-To: cvs-src-old@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 88ABE10657F8
	for <cvs-src-old@freebsd.org>; Wed, 22 Apr 2009 14:38:56 +0000 (UTC)
	(envelope-from cperciva@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 72F3F8FC16
	for <cvs-src-old@freebsd.org>; Wed, 22 Apr 2009 14:38:56 +0000 (UTC)
	(envelope-from cperciva@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n3MEcuUA046063
	for <cvs-src-old@freebsd.org>; Wed, 22 Apr 2009 14:38:56 GMT
	(envelope-from cperciva@repoman.freebsd.org)
Received: (from svn2cvs@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n3MEcuRV046062
	for cvs-src-old@freebsd.org; Wed, 22 Apr 2009 14:38:56 GMT
	(envelope-from cperciva@repoman.freebsd.org)
Message-Id: <200904221438.n3MEcuRV046062@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: svn2cvs set sender to
	cperciva@repoman.freebsd.org using -f
From: Colin Percival <cperciva@FreeBSD.org>
Date: Wed, 22 Apr 2009 14:07:14 +0000 (UTC)
To: cvs-src-old@freebsd.org
X-FreeBSD-CVS-Branch: RELENG_7_0
Subject: cvs commit: src UPDATING src/crypto/openssl/crypto/asn1 asn1.h
 asn1_err.c tasn_dec.c src/lib/libc/db/btree bt_split.c
 src/lib/libc/db/hash hash_buf.c src/lib/libc/db/mpool mpool.c
 src/sys/conf newvers.sh
X-BeenThere: cvs-src-old@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: **OBSOLETE** CVS commit messages for the src tree
	<cvs-src-old.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src-old>
List-Post: <mailto:cvs-src-old@freebsd.org>
List-Help: <mailto:cvs-src-old-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Apr 2009 14:38:57 -0000

cperciva    2009-04-22 14:07:14 UTC

  FreeBSD src repository

  Modified files:        (Branch: RELENG_7_0)
    .                    UPDATING 
    crypto/openssl/crypto/asn1 asn1.h asn1_err.c tasn_dec.c 
    lib/libc/db/btree    bt_split.c 
    lib/libc/db/hash     hash_buf.c 
    lib/libc/db/mpool    mpool.c 
    sys/conf             newvers.sh 
  Log:
  SVN rev 191381 on 2009-04-22 14:07:14Z by cperciva
  
  Don't leak information via uninitialized space in db(3) records. [09:07]
  
  Sanity-check string lengths in order to stop OpenSSL crashing
  when printing corrupt BMPString or UniversalString objects. [09:08]
  
  Security:       FreeBSD-SA-09:07.libc
  Security:       FreeBSD-SA-09:08.openssl
  Security:       CVE-2009-0590
  Approved by:    re (kensmith)
  Approved by:    so (cperciva)
  
  Revision        Changes    Path
  1.507.2.3.2.16  +7 -0      src/UPDATING
  1.2.4.1         +2 -0      src/crypto/openssl/crypto/asn1/asn1.h
  1.1.1.6.4.1     +2 -0      src/crypto/openssl/crypto/asn1/asn1_err.c
  1.1.1.5.4.1     +12 -0     src/crypto/openssl/crypto/asn1/tasn_dec.c
  1.8.4.1         +1 -1      src/lib/libc/db/btree/bt_split.c
  1.8.4.1         +6 -3      src/lib/libc/db/hash/hash_buf.c
  1.13.4.1        +1 -1      src/lib/libc/db/mpool/mpool.c
  1.72.2.5.2.16   +1 -1      src/sys/conf/newvers.sh