Date: Wed, 7 Jan 2009 20:17:55 +0000 (UTC) From: "Simon L. Nielsen" <simon@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src/contrib/lukemftpd/src extern.h ftpcmd.y ftpd.c src/crypto/openssl/apps speed.c spkac.c verify.c x509.c src/crypto/openssl/ssl s2_clnt.c s2_srvr.c s3_clnt.c s3_srvr.c ssltest.c Message-ID: <200901072039.n07Kd7NS066142@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
simon 2009-01-07 20:17:55 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_7)
contrib/lukemftpd/src extern.h ftpcmd.y ftpd.c
crypto/openssl/apps speed.c spkac.c verify.c x509.c
crypto/openssl/ssl s2_clnt.c s2_srvr.c s3_clnt.c s3_srvr.c
ssltest.c
Log:
SVN rev 186872 on 2009-01-07 20:17:55Z by simon
Prevent cross-site forgery attacks on lukemftpd(8) due to splitting
long commands into multiple requests. [09:01]
Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]
Security: FreeBSD-SA-09:01.lukemftpd
Security: FreeBSD-SA-09:02.openssl
Obtained from: NetBSD [SA-09:01]
Obtained from: OpenSSL Project [SA-09:02]
Approved by: so (simon)
Revision Changes Path
1.1.1.5.2.1 +1 -1 src/contrib/lukemftpd/src/extern.h
1.1.1.6.2.1 +31 -8 src/contrib/lukemftpd/src/ftpcmd.y
1.5.2.1 +8 -2 src/contrib/lukemftpd/src/ftpd.c
1.15.2.1 +1 -1 src/crypto/openssl/apps/speed.c
1.1.1.5.2.1 +1 -1 src/crypto/openssl/apps/spkac.c
1.1.1.6.2.1 +1 -2 src/crypto/openssl/apps/verify.c
1.1.1.11.2.1 +1 -1 src/crypto/openssl/apps/x509.c
1.15.2.1 +1 -1 src/crypto/openssl/ssl/s2_clnt.c
1.13.2.1 +2 -2 src/crypto/openssl/ssl/s2_srvr.c
1.1.1.14.2.1 +3 -3 src/crypto/openssl/ssl/s3_clnt.c
1.1.1.17.2.1 +1 -1 src/crypto/openssl/ssl/s3_srvr.c
1.1.1.10.2.1 +1 -1 src/crypto/openssl/ssl/ssltest.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901072039.n07Kd7NS066142>