Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 22 Apr 2009 14:07:14 +0000 (UTC)
From:      Colin Percival <cperciva@FreeBSD.org>
To:        cvs-src-old@freebsd.org
Subject:   cvs commit: src UPDATING src/crypto/openssl/crypto/asn1 asn1.h asn1_err.c tasn_dec.c src/lib/libc/db/btree bt_split.c src/lib/libc/db/hash hash_buf.c src/lib/libc/db/mpool mpool.c src/sys/conf newvers.sh
Message-ID:  <200904221438.n3MEcuRV046062@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help 
cperciva    2009-04-22 14:07:14 UTC

  FreeBSD src repository

  Modified files:        (Branch: RELENG_7_0)
    .                    UPDATING 
    crypto/openssl/crypto/asn1 asn1.h asn1_err.c tasn_dec.c 
    lib/libc/db/btree    bt_split.c 
    lib/libc/db/hash     hash_buf.c 
    lib/libc/db/mpool    mpool.c 
    sys/conf             newvers.sh 
  Log:
  SVN rev 191381 on 2009-04-22 14:07:14Z by cperciva
  
  Don't leak information via uninitialized space in db(3) records. [09:07]
  
  Sanity-check string lengths in order to stop OpenSSL crashing
  when printing corrupt BMPString or UniversalString objects. [09:08]
  
  Security:       FreeBSD-SA-09:07.libc
  Security:       FreeBSD-SA-09:08.openssl
  Security:       CVE-2009-0590
  Approved by:    re (kensmith)
  Approved by:    so (cperciva)
  
  Revision        Changes    Path
  1.507.2.3.2.16  +7 -0      src/UPDATING
  1.2.4.1         +2 -0      src/crypto/openssl/crypto/asn1/asn1.h
  1.1.1.6.4.1     +2 -0      src/crypto/openssl/crypto/asn1/asn1_err.c
  1.1.1.5.4.1     +12 -0     src/crypto/openssl/crypto/asn1/tasn_dec.c
  1.8.4.1         +1 -1      src/lib/libc/db/btree/bt_split.c
  1.8.4.1         +6 -3      src/lib/libc/db/hash/hash_buf.c
  1.13.4.1        +1 -1      src/lib/libc/db/mpool/mpool.c
  1.72.2.5.2.16   +1 -1      src/sys/conf/newvers.sh

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200904221438.n3MEcuRV046062>