Date: Sat, 29 Aug 2009 15:21:50 +0000 (UTC) From: "Simon L. Nielsen" <simon@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src/crypto/openssl/crypto/pqueue pqueue.c pqueue.h src/crypto/openssl/ssl d1_both.c d1_pkt.c Message-ID: <200908291522.n7TFMMMw019715@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
simon 2009-08-29 15:21:50 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_8)
crypto/openssl/crypto/pqueue pqueue.c pqueue.h
crypto/openssl/ssl d1_both.c d1_pkt.c
Log:
SVN rev 196641 on 2009-08-29 15:21:50Z by simon
MFC r196474:
Merge DTLS fixes from vendor-crypto/openssl/dist:
- Fix memory consumption bug with "future epoch" DTLS records.
- Fix fragment handling memory leak.
- Do not access freed data structure.
- Fix DTLS fragment bug - out-of-sequence message handling which could
result in NULL pointer dereference in
dtls1_process_out_of_seq_message().
Note that this will not get FreeBSD Security Advisory as DTLS is
experimental in OpenSSL.
Security: CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1387
Approved by: re (kib)
Revision Changes Path
1.1.1.1.10.1 +14 -0 src/crypto/openssl/crypto/pqueue/pqueue.c
1.1.1.1.10.1 +1 -0 src/crypto/openssl/crypto/pqueue/pqueue.h
1.2.2.1 +28 -17 src/crypto/openssl/ssl/d1_both.c
1.2.2.1 +4 -0 src/crypto/openssl/ssl/d1_pkt.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200908291522.n7TFMMMw019715>