Next | Query returned 3 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2012-03-14 15:48:33 by Matthias Scheler | Files touched by this commit (3) | Package updated
Log message:
Pullup ticket #3702 - requested by taca
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                     1.163
- security/openssl/distinfo                                     1.86
- security/openssl/patches/patch-asn_mime.c                     deleted

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Mar 13 03:11:32 UTC 2012

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo
   Removed Files:
   	pkgsrc/security/openssl/patches: patch-asn_mime.c

   Log message:
   Update openssl pacakge to 0.9.8u.

    Changes between 0.9.8t and 0.9.8u [12 Mar 2012]

     *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
        in CMS and PKCS7 code. When RSA decryption fails use a random key for
        content decryption and always return the same error. Note: this attack
        needs on average 2^20 messages so it only affects automated senders. The
        old behaviour can be reenabled in the CMS code by setting the
        CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
        an MMA defence is not necessary.
        Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
        this issue. (CVE-2012-0884)
        [Steve Henson]

     *) Fix CVE-2011-4619: make sure we really are receiving a
        client hello before rejecting multiple SGC restarts. Thanks to
        Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug.
        [Steve Henson]
   2012-03-06 11:29:30 by Matthias Scheler | Files touched by this commit (3)
Log message:
Pullup ticket #3698 - requested by pettai
security/openssl: security patch

Revisions pulled up:
- security/openssl/Makefile                                     1.162
- security/openssl/distinfo                                     1.85
- security/openssl/patches/patch-asn_mime.c                     1.1

---
   Module Name:	pkgsrc
   Committed By:	pettai
   Date:		Mon Mar  5 00:26:55 UTC 2012

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo
   Added Files:
   	pkgsrc/security/openssl/patches: patch-asn_mime.c

   Log message:
   Add fix for CVE-2006-7250
   2012-01-19 07:11:49 by Steven Drake | Files touched by this commit (2)
Log message:
Pullup ticket #3656 - requested by taca
security/openssl security fix

Revisions pulled up:
- security/openssl/Makefile                                     1.160
- security/openssl/distinfo                                     1.84

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Jan 19 00:51:23 UTC 2012

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo

   Log message:
   Update security/openssl package to 0.9.8t.

    OpenSSL CHANGES
    _______________

    Changes between 0.9.8s and 0.9.8t [18 Jan 2012]

     *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
        Thanks to Antonio Martin, Enterprise Secure Access Research and
        Development, Cisco Systems, Inc. for discovering this bug and
        preparing a fix. (CVE-2012-0050)
        [Antonio Martin]

Next | Query returned 3 messages, browsing 1 to 10 | previous