Subject: CVS commit: [pkgsrc-2008Q1] pkgsrc/security/openssl
From: Tyler R. Retzlaff
Date: 2008-06-05 14:24:00
Message id: 20080605122400.18964175D0@cvs.netbsd.org
Log Message:
pullup ticket #2414 - requested by tonnerre
openssl: DoS and double free fixes

revisions pulled up:
- pkgsrc/security/openssl/Makefile		1.132
- pkgsrc/security/openssl/distinfo		1.60
- pkgsrc/security/openssl/patches/patch-ab	1.12
- pkgsrc/security/openssl/patches/patch-ah	1.8

   Module Name: pkgsrc
   Committed By:        tonnerre
   Date:                Tue Jun  3 21:39:40 UTC 2008

   Modified Files:
        pkgsrc/security/openssl: Makefile distinfo
   Added Files:
        pkgsrc/security/openssl/patches: patch-ab patch-ah

   Log Message:
   Fix two Denial of Service vulnerabilities in OpenSSL 0.9.8g:
   - Fix flaw if 'Server Key exchange message' is omitted from a TLS
   handshake which could lead to a silent crash.
   - Fix double free in TLS server name extensions which could lead to a
   remote crash.

   Patches from upstream.
Files:
RevisionActionfile
1.131.2.1modifypkgsrc/security/openssl/Makefile
1.58.2.1modifypkgsrc/security/openssl/distinfo
1.11.26.1addpkgsrc/security/openssl/patches/patch-ab