d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
173,595 Commits 4 Branches 49 Tags
Commit Graph

21 Commits

Author SHA1 Message Date
simon
2e75518768 Merge OpenSSL 0.9.8q into head. 
Security:	CVE-2010-4180
Security:	http://www.openssl.org/news/secadv_20101202.txt
MFC after:	3 days
 2010-12-03 22:59:54 +00:00
simon
7a23485c98 Merge OpenSSL 0.9.8p into head. 
Security:	CVE-2010-3864
Security:	http://www.openssl.org/news/secadv_20101116.txt
 2010-11-22 18:23:44 +00:00
simon
5b9f7b2fde Fix double-free in OpenSSL's SSL ECDH code. 
It has yet to be determined if this warrants a FreeBSD Security
Advisory, but we might as well get it fixed in the normal branches.

Obtained from:	OpenSSL CVS
Security:	CVE-2010-2939
X-MFC after:	Not long...
 2010-11-14 09:33:47 +00:00
simon
0d816bbd98 Merge OpenSSL 0.9.8m into head. 
This also "reverts" some FreeBSD local changes so we should now
be back to using entirely stock OpenSSL.  The local changes were
simple $FreeBSD$ lines additions, which were required in the CVS
days, and the patch for FreeBSD-SA-09:15.ssl which has been
superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation
extension' support.

MFC after:	3 weeks
 2010-03-13 19:22:41 +00:00
simon
5fb395764b Merge OpenSSL 0.9.8k into head. 
Approved by:	re
 2009-06-14 19:45:16 +00:00
simon
abe6016909 Prevent cross-site forgery attacks on lukemftpd(8) due to splitting 
long commands into multiple requests. [09:01]

Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]

Security:	FreeBSD-SA-09:01.lukemftpd
Security:	FreeBSD-SA-09:02.openssl
Obtained from:	NetBSD [SA-09:01]
Obtained from:	OpenSSL Project [SA-09:02]
Approved by:	so (simon)
 2009-01-07 20:17:55 +00:00
simon
64fcbc70db Flatten OpenSSL vendor tree. 2008-08-23 10:51:00 +00:00
simon
ee48ceb6a8 Vendor import of OpenSSL 0.9.8e. 2007-03-15 20:03:30 +00:00
simon
fb3c70eda8 Vendor import of OpenSSL 0.9.8b 2006-07-29 19:10:21 +00:00
nectar
78a59572b3 Vendor import of OpenSSL 0.9.7e. 2005-02-25 05:39:05 +00:00
nectar
0f095e8a2a Vendor import of OpenSSL 0.9.7d. 2004-03-17 15:49:33 +00:00
nectar
ee25ce74b3 Vendor import of OpenSSL 0.9.7c 2003-10-01 12:32:41 +00:00
markm
aad1d64cb5 Vendor import of OpenSSL release 0.9.7. This release includes 
support for AES and OpenBSD's hardware crypto.
 2003-01-28 21:43:22 +00:00
nectar
c99c2264cb Import of OpenSSL 0.9.6f. 2002-08-10 01:46:10 +00:00
nectar
2f13e09165 Import of OpenSSL 0.9.6e. 2002-07-30 13:38:06 +00:00
nectar
0aed2eea83 Import of OpenSSL 0.9.6d. 2002-07-30 12:44:15 +00:00
kris
1f8c2aa176 Initial import of OpenSSL 0.9.6c 2002-01-27 03:13:07 +00:00
kris
7e55354aa4 Import of OpenSSL 0.9.6-STABLE snapshot dated 2001-02-10 2001-02-18 03:17:36 +00:00
kris
539b977eff Initial import of OpenSSL 0.9.6 2000-11-13 01:03:58 +00:00
kris
54c77f990d Initial import of OpenSSL 0.9.5a 2000-04-13 06:33:22 +00:00
kris
2e467dc342 Initial import of OpenSSL 0.9.4, sans IDEA and RSA code for patent 
infringement reasons.
 2000-01-10 06:22:05 +00:00