Fix multiple OpenSSL vulnerabilities as published in
OpenSSL advisory on 2016/03/01:
constant-time MOD_EXP_CTIME_COPY_FROM_PREBUF.
[CVE-2016-0702, upstream
d6482a8.
5ea08bd,
d6d422e,
8fc8f48 317be63 skipped intentionally as we are not
using the code on FreeBSD. Backport done by jkim@.
Fix memory issues in BIO_*printf functions.
[CVE-2016-0799, upstream
d889682,
a801bf2].
Fix BN_hex2bn/BN_dec2bn NULL ptr/heap corruption.
[CVE-2016-0797, upstream
8f65132].
Disable SSLv2 in default negotiation and weak ciphers.
[CVE-2016-0800 "DROWN", upstream
56f1acf5]. Note that
support of SSLv2 is not removed in order to preserve
ABI compatibility, and application may still explicitly
ask for vulnerable protocol or ciphers.
In collaboration with: jkim
git-svn-id: svn://svn.freebsd.org/base/stable/9@296462
ccf9f872-aa2e-dd11-9fc8-
001c23d0bc1f