d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
237,734 Commits 4 Branches 49 Tags
Commit Graph

32 Commits

Author SHA1 Message Date
jkim
97091e1369 Merge OpenSSL 1.0.2i. 2016-09-22 13:27:44 +00:00
jkim
8d77ecefb7 Merge OpenSSL 1.0.2e. 2015-12-03 21:13:35 +00:00
jkim
6b741bee15 Merge OpenSSL 1.0.2d. 2015-10-30 20:51:33 +00:00
jkim
d675e841ef Merge OpenSSL 1.0.1n. 2015-06-11 19:00:55 +00:00
jkim
d962da16eb Merge OpenSSL 1.0.1m. 2015-03-20 19:16:18 +00:00
jkim
4f9b1cef1a Merge OpenSSL 1.0.1k. 2015-01-08 23:42:41 +00:00
jkim
411d431d45 Merge OpenSSL 1.0.1j. 2014-10-15 19:12:05 +00:00
jkim
3299c3be1a Merge OpenSSL 1.0.1i. 2014-08-07 18:56:10 +00:00
jkim
68fed3306b Merge OpenSSL 1.0.1h. 
Approved by:	so (delphij)
 2014-06-09 05:50:57 +00:00
delphij
aa92285a00 Fix OpenSSL multiple vulnerabilities. 
Security:	CVE-2014-0195, CVE-2014-0221, CVE-2014-0224,
		CVE-2014-3470
Security:	SA-14:14.openssl
Approved by:	so
 2014-06-05 12:32:16 +00:00
delphij
43c7f4a7f1 Fix OpenSSL NULL pointer deference vulnerability. 
Obtained from:	OpenBSD
Security:	FreeBSD-SA-14:09.openssl
Security:	CVE-2014-0198
 2014-05-13 23:17:24 +00:00
delphij
7e64659205 Fix OpenSSL use-after-free vulnerability. 
Obtained from:	OpenBSD
Security:	FreeBSD-SA-14:09.openssl
Security:	CVE-2010-5298
 2014-04-30 04:02:36 +00:00
jkim
a8c44ea5cf Merge OpenSSL 1.0.1f. 
Approved by:	so (delphij), benl (silence)
 2014-01-22 19:57:11 +00:00
jkim
754bee5776 Merge OpenSSL 1.0.1e. 
Approved by:	secteam (simon), benl (silence)
 2013-02-13 23:07:20 +00:00
jkim
e393e47b1e Merge OpenSSL 1.0.1c. 
Approved by:	benl (maintainer)
 2012-07-12 19:30:53 +00:00
simon
2176e0cd52 Merge OpenSSL 0.9.8n into head. 
This fixes CVE-2010-0740 which only affected -CURRENT (OpenSSL 0.9.8m)
but not -STABLE branches.

I have not yet been able to find out if CVE-2010-0433 impacts FreeBSD.
This will be investigated further.

Security:	CVE-2010-0433, CVE-2010-0740
Security:	http://www.openssl.org/news/secadv_20100324.txt
 2010-04-01 15:19:51 +00:00
simon
0d816bbd98 Merge OpenSSL 0.9.8m into head. 
This also "reverts" some FreeBSD local changes so we should now
be back to using entirely stock OpenSSL.  The local changes were
simple $FreeBSD$ lines additions, which were required in the CVS
days, and the patch for FreeBSD-SA-09:15.ssl which has been
superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation
extension' support.

MFC after:	3 weeks
 2010-03-13 19:22:41 +00:00
cperciva
e4106d9e8f Disable SSL renegotiation in order to protect against a serious 
protocol flaw. [09:15]

Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]

Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-09:15.ssl
Security:	FreeBSD-SA-09:16.rtld
Security:	FreeBSD-SA-09:17.freebsd-udpate
 2009-12-03 09:18:40 +00:00
simon
5fb395764b Merge OpenSSL 0.9.8k into head. 
Approved by:	re
 2009-06-14 19:45:16 +00:00
simon
64fcbc70db Flatten OpenSSL vendor tree. 2008-08-23 10:51:00 +00:00
simon
ee48ceb6a8 Vendor import of OpenSSL 0.9.8e. 2007-03-15 20:03:30 +00:00
simon
fb3c70eda8 Vendor import of OpenSSL 0.9.8b 2006-07-29 19:10:21 +00:00
nectar
78a59572b3 Vendor import of OpenSSL 0.9.7e. 2005-02-25 05:39:05 +00:00
nectar
e8232d78ab Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079). 
Obtained from:	OpenSSL CVS (http://cvs.openssl.org/chngview?cn=12033)
 2004-03-17 12:11:08 +00:00
nectar
6c9986c446 Vendor import of OpenSSL 0.9.7a. 2003-02-19 23:17:42 +00:00
markm
aad1d64cb5 Vendor import of OpenSSL release 0.9.7. This release includes 
support for AES and OpenBSD's hardware crypto.
 2003-01-28 21:43:22 +00:00
nectar
0aed2eea83 Import of OpenSSL 0.9.6d. 2002-07-30 12:44:15 +00:00
kris
1f8c2aa176 Initial import of OpenSSL 0.9.6c 2002-01-27 03:13:07 +00:00
kris
7e55354aa4 Import of OpenSSL 0.9.6-STABLE snapshot dated 2001-02-10 2001-02-18 03:17:36 +00:00
kris
539b977eff Initial import of OpenSSL 0.9.6 2000-11-13 01:03:58 +00:00
kris
54c77f990d Initial import of OpenSSL 0.9.5a 2000-04-13 06:33:22 +00:00
kris
2e467dc342 Initial import of OpenSSL 0.9.4, sans IDEA and RSA code for patent 
infringement reasons.
 2000-01-10 06:22:05 +00:00