Date: Wed, 22 Apr 2009 14:07:14 +0000 (UTC) From: Colin Percival <cperciva@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src UPDATING src/crypto/openssl/crypto/asn1 asn1.h asn1_err.c tasn_dec.c src/lib/libc/db/btree bt_split.c src/lib/libc/db/hash hash_buf.c src/lib/libc/db/mpool mpool.c src/sys/conf newvers.sh Message-ID: <200904221445.n3MEjcto046761@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
cperciva 2009-04-22 14:07:14 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_6_3)
. UPDATING
crypto/openssl/crypto/asn1 asn1.h asn1_err.c tasn_dec.c
lib/libc/db/btree bt_split.c
lib/libc/db/hash hash_buf.c
lib/libc/db/mpool mpool.c
sys/conf newvers.sh
Log:
SVN rev 191381 on 2009-04-22 14:07:14Z by cperciva
Don't leak information via uninitialized space in db(3) records. [09:07]
Sanity-check string lengths in order to stop OpenSSL crashing
when printing corrupt BMPString or UniversalString objects. [09:08]
Security: FreeBSD-SA-09:07.libc
Security: FreeBSD-SA-09:08.openssl
Security: CVE-2009-0590
Approved by: re (kensmith)
Approved by: so (cperciva)
Revision Changes Path
1.416.2.37.2.15 +7 -0 src/UPDATING
1.1.1.7.20.1 +2 -0 src/crypto/openssl/crypto/asn1/asn1.h
1.1.1.4.22.1 +2 -0 src/crypto/openssl/crypto/asn1/asn1_err.c
1.1.1.2.10.1.4.1 +12 -0 src/crypto/openssl/crypto/asn1/tasn_dec.c
1.7.10.1 +1 -1 src/lib/libc/db/btree/bt_split.c
1.7.24.1 +6 -3 src/lib/libc/db/hash/hash_buf.c
1.12.10.1 +1 -1 src/lib/libc/db/mpool/mpool.c
1.69.2.15.2.14 +1 -1 src/sys/conf/newvers.sh
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200904221445.n3MEjcto046761>