CyberLeo.Net >> Repos - FreeBSD/releng/10.0.git/commit

MFS r260404 (MFC r260403 (MFV r260399)):

Apply vendor commits:

197e0ea Fix for TLS record tampering bug.  (CVE-2013-4353).
3462896 For DTLS we might need to retransmit messages from the
previous session so keep a copy of write context in DTLS
retransmission buffers instead of replacing it after
sending CCS.  (CVE-2013-6450).
ca98926 When deciding whether to use TLS 1.2 PRF and record hash
algorithms use the version number in the corresponding
SSL_METHOD structure instead of the SSL structure.  The
SSL structure version is sometimes inaccurate.
Note: OpenSSL 1.0.2 and later effectively do this already.
(CVE-2013-6449).

Security: CVE-2013-4353
Security: CVE-2013-6449
Security: CVE-2013-6450
Approved by: re (gjb)

git-svn-id: svn://svn.freebsd.org/base/releng/10.0@260405 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f

author	delphij <delphij@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
	Tue, 7 Jan 2014 20:06:20 +0000 (20:06 +0000)
committer	delphij <delphij@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
	Tue, 7 Jan 2014 20:06:20 +0000 (20:06 +0000)
commit	6c7dba3a338e23382c99a1fdec83048a3c1d00f2
tree	8ca48edbeb257477f57aaf99ebd5aa6d1870ed09	tree \| snapshot
parent	e4720a7a91e02cfc35d010bb366000cc90a7f6db	commit \| diff

crypto/openssl/ssl/d1_both.c		diff \| blob \| history
crypto/openssl/ssl/s3_both.c		diff \| blob \| history
crypto/openssl/ssl/s3_lib.c		diff \| blob \| history
crypto/openssl/ssl/ssl_locl.h		diff \| blob \| history
crypto/openssl/ssl/t1_enc.c		diff \| blob \| history