CyberLeo.Net >> Repos - FreeBSD/stable/9.git/commit

Fix multiple OpenSSL vulnerabilities as published in
OpenSSL advisory on 2016/03/01:

constant-time MOD_EXP_CTIME_COPY_FROM_PREBUF.
[CVE-2016-0702, upstream d6482a8. 5ea08bd, d6d422e,
8fc8f48 317be63 skipped intentionally as we are not
using the code on FreeBSD. Backport done by jkim@.

Fix memory issues in BIO_*printf functions.
[CVE-2016-0799, upstream d889682, a801bf2].

Fix BN_hex2bn/BN_dec2bn NULL ptr/heap corruption.
[CVE-2016-0797, upstream 8f65132].

Disable SSLv2 in default negotiation and weak ciphers.
[CVE-2016-0800 "DROWN", upstream 56f1acf5]. Note that
support of SSLv2 is not removed in order to preserve
ABI compatibility, and application may still explicitly
ask for vulnerable protocol or ciphers.

In collaboration with: jkim

git-svn-id: svn://svn.freebsd.org/base/stable/9@296462 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f

author	delphij <delphij@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
	Mon, 7 Mar 2016 16:18:07 +0000 (16:18 +0000)
committer	delphij <delphij@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
	Mon, 7 Mar 2016 16:18:07 +0000 (16:18 +0000)
commit	01e82720abe2d153c398438e70221575de3136ba
tree	9f727ffe43a67c64867c610ba6d8c024cd7acd81	tree \| snapshot
parent	2fafecf5c758c87ee9d28b09080b63cb9a96255e	commit \| diff

crypto/openssl/crypto/bio/b_print.c		diff \| blob \| history
crypto/openssl/crypto/bn/bn.h		diff \| blob \| history
crypto/openssl/crypto/bn/bn_exp.c		diff \| blob \| history
crypto/openssl/crypto/bn/bn_print.c		diff \| blob \| history
crypto/openssl/doc/apps/ciphers.pod		diff \| blob \| history
crypto/openssl/ssl/s2_lib.c		diff \| blob \| history
crypto/openssl/ssl/ssl_lib.c		diff \| blob \| history
secure/usr.bin/openssl/man/ciphers.1		diff \| blob \| history