Date: Thu, 3 Dec 2009 09:18:40 +0000 (UTC) From: Colin Percival <cperciva@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src UPDATING src/crypto/openssl/ssl s3_lib.c s3_pkt.c s3_srvr.c src/etc/mtree BSD.var.dist src/libexec/rtld-elf rtld.c src/usr.sbin/freebsd-update freebsd-update.sh Message-ID: <200912030939.nB39dQUI080460@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
cperciva 2009-12-03 09:18:40 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_7_1)
. UPDATING
crypto/openssl/ssl s3_lib.c s3_pkt.c s3_srvr.c
etc/mtree BSD.var.dist
libexec/rtld-elf rtld.c
usr.sbin/freebsd-update freebsd-update.sh
Log:
SVN rev 200054 on 2009-12-03 09:18:40Z by cperciva
Disable SSL renegotiation in order to protect against a serious
protocol flaw. [09:15]
Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]
Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]
Approved by: so (cperciva)
Security: FreeBSD-SA-09:15.ssl
Security: FreeBSD-SA-09:16.rtld
Security: FreeBSD-SA-09:17.freebsd-udpate
Revision Changes Path
1.507.2.13.2.12 +11 -0 src/UPDATING
1.1.1.13.6.1 +3 -0 src/crypto/openssl/ssl/s3_lib.c
1.1.1.12.6.1 +2 -5 src/crypto/openssl/ssl/s3_pkt.c
1.1.1.17.6.2 +7 -0 src/crypto/openssl/ssl/s3_srvr.c
1.75.6.2 +1 -1 src/etc/mtree/BSD.var.dist
1.124.2.3.2.2 +6 -5 src/libexec/rtld-elf/rtld.c
1.8.2.4.2.2 +1 -0 src/usr.sbin/freebsd-update/freebsd-update.sh
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200912030939.nB39dQUI080460>