From owner-cvs-src-old@FreeBSD.ORG  Thu Dec  3 10:18:26 2009
Return-Path: <owner-cvs-src-old@FreeBSD.ORG>
Delivered-To: cvs-src-old@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 2E706106566B
	for <cvs-src-old@freebsd.org>; Thu,  3 Dec 2009 10:18:26 +0000 (UTC)
	(envelope-from cperciva@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 199F28FC08
	for <cvs-src-old@freebsd.org>; Thu,  3 Dec 2009 10:18:26 +0000 (UTC)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id nB3AIPEr087270
	for <cvs-src-old@freebsd.org>; Thu, 3 Dec 2009 10:18:25 GMT
	(envelope-from cperciva@repoman.freebsd.org)
Received: (from svn2cvs@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id nB3AIP8H087269
	for cvs-src-old@freebsd.org; Thu, 3 Dec 2009 10:18:25 GMT
	(envelope-from cperciva@repoman.freebsd.org)
Message-Id: <200912031018.nB3AIP8H087269@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: svn2cvs set sender to
	cperciva@repoman.freebsd.org using -f
From: Colin Percival <cperciva@FreeBSD.org>
Date: Thu, 3 Dec 2009 09:18:40 +0000 (UTC)
To: cvs-src-old@freebsd.org
X-FreeBSD-CVS-Branch: RELENG_7_2
Subject: cvs commit: src UPDATING src/crypto/openssl/ssl s3_lib.c s3_pkt.c
 s3_srvr.c src/etc/mtree BSD.var.dist src/libexec/rtld-elf rtld.c
 src/usr.sbin/freebsd-update freebsd-update.sh
X-BeenThere: cvs-src-old@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: **OBSOLETE** CVS commit messages for the src tree
	<cvs-src-old.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src-old>
List-Post: <mailto:cvs-src-old@freebsd.org>
List-Help: <mailto:cvs-src-old-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Dec 2009 10:18:26 -0000

cperciva    2009-12-03 09:18:40 UTC

  FreeBSD src repository

  Modified files:        (Branch: RELENG_7_2)
    .                    UPDATING 
    crypto/openssl/ssl   s3_lib.c s3_pkt.c s3_srvr.c 
    etc/mtree            BSD.var.dist 
    libexec/rtld-elf     rtld.c 
    usr.sbin/freebsd-update freebsd-update.sh 
  Log:
  SVN rev 200054 on 2009-12-03 09:18:40Z by cperciva
  
  Disable SSL renegotiation in order to protect against a serious
  protocol flaw. [09:15]
  
  Correctly handle failures from unsetenv resulting from a corrupt
  environment in rtld-elf. [09:16]
  
  Fix permissions in freebsd-update in order to prevent leakage of
  sensitive files. [09:17]
  
  Approved by:    so (cperciva)
  Security:       FreeBSD-SA-09:15.ssl
  Security:       FreeBSD-SA-09:16.rtld
  Security:       FreeBSD-SA-09:17.freebsd-udpate
  
  Revision          Changes    Path
  1.507.2.23.2.8    +11 -0     src/UPDATING
  1.1.1.13.8.1      +3 -0      src/crypto/openssl/ssl/s3_lib.c
  1.1.1.12.8.1      +2 -5      src/crypto/openssl/ssl/s3_pkt.c
  1.1.1.17.2.1.2.1  +7 -0      src/crypto/openssl/ssl/s3_srvr.c
  1.75.8.2          +1 -1      src/etc/mtree/BSD.var.dist
  1.124.2.4.2.2     +6 -5      src/libexec/rtld-elf/rtld.c
  1.8.2.4.4.2       +1 -0      src/usr.sbin/freebsd-update/freebsd-update.sh