Date: Thu, 3 Dec 2009 09:18:40 +0000 (UTC) From: Colin Percival <cperciva@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src/crypto/openssl/ssl s3_lib.c s3_pkt.c s3_srvr.c src/etc/mtree BSD.var.dist src/usr.sbin/freebsd-update freebsd-update.sh Message-ID: <200912030924.nB39Odre078498@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
cperciva 2009-12-03 09:18:40 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_8)
crypto/openssl/ssl s3_lib.c s3_pkt.c s3_srvr.c
etc/mtree BSD.var.dist
usr.sbin/freebsd-update freebsd-update.sh
Log:
SVN rev 200054 on 2009-12-03 09:18:40Z by cperciva
Disable SSL renegotiation in order to protect against a serious
protocol flaw. [09:15]
Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]
Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]
Approved by: so (cperciva)
Security: FreeBSD-SA-09:15.ssl
Security: FreeBSD-SA-09:16.rtld
Security: FreeBSD-SA-09:17.freebsd-udpate
Revision Changes Path
1.2.2.1 +3 -0 src/crypto/openssl/ssl/s3_lib.c
1.2.2.1 +2 -5 src/crypto/openssl/ssl/s3_pkt.c
1.3.2.1 +7 -0 src/crypto/openssl/ssl/s3_srvr.c
1.75.10.2 +1 -1 src/etc/mtree/BSD.var.dist
1.16.2.3 +1 -0 src/usr.sbin/freebsd-update/freebsd-update.sh
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200912030924.nB39Odre078498>