From owner-cvs-src-old@FreeBSD.ORG Thu Dec 3 09:24:39 2009 Return-Path: Delivered-To: cvs-src-old@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C45D3106566B for ; Thu, 3 Dec 2009 09:24:39 +0000 (UTC) (envelope-from cperciva@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id B0DF18FC0C for ; Thu, 3 Dec 2009 09:24:39 +0000 (UTC) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id nB39OdmE078499 for ; Thu, 3 Dec 2009 09:24:39 GMT (envelope-from cperciva@repoman.freebsd.org) Received: (from svn2cvs@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id nB39Odre078498 for cvs-src-old@freebsd.org; Thu, 3 Dec 2009 09:24:39 GMT (envelope-from cperciva@repoman.freebsd.org) Message-Id: <200912030924.nB39Odre078498@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: svn2cvs set sender to cperciva@repoman.freebsd.org using -f From: Colin Percival Date: Thu, 3 Dec 2009 09:18:40 +0000 (UTC) To: cvs-src-old@freebsd.org X-FreeBSD-CVS-Branch: RELENG_8 Subject: cvs commit: src/crypto/openssl/ssl s3_lib.c s3_pkt.c s3_srvr.c src/etc/mtree BSD.var.dist src/usr.sbin/freebsd-update freebsd-update.sh X-BeenThere: cvs-src-old@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: **OBSOLETE** CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2009 09:24:39 -0000 cperciva 2009-12-03 09:18:40 UTC FreeBSD src repository Modified files: (Branch: RELENG_8) crypto/openssl/ssl s3_lib.c s3_pkt.c s3_srvr.c etc/mtree BSD.var.dist usr.sbin/freebsd-update freebsd-update.sh Log: SVN rev 200054 on 2009-12-03 09:18:40Z by cperciva Disable SSL renegotiation in order to protect against a serious protocol flaw. [09:15] Correctly handle failures from unsetenv resulting from a corrupt environment in rtld-elf. [09:16] Fix permissions in freebsd-update in order to prevent leakage of sensitive files. [09:17] Approved by: so (cperciva) Security: FreeBSD-SA-09:15.ssl Security: FreeBSD-SA-09:16.rtld Security: FreeBSD-SA-09:17.freebsd-udpate Revision Changes Path 1.2.2.1 +3 -0 src/crypto/openssl/ssl/s3_lib.c 1.2.2.1 +2 -5 src/crypto/openssl/ssl/s3_pkt.c 1.3.2.1 +7 -0 src/crypto/openssl/ssl/s3_srvr.c 1.75.10.2 +1 -1 src/etc/mtree/BSD.var.dist 1.16.2.3 +1 -0 src/usr.sbin/freebsd-update/freebsd-update.sh