svn commit: r215912 - in stable/8: crypto/openssl crypto/openssl/apps crypto/openssl/crypto crypto/openssl/crypto/aes crypto/openssl/crypto/aes/asm crypto/openssl/crypto/asn1 crypto/openssl/crypto/...
Simon L. B. Nielsen
simon at nitro.dk
Fri Nov 26 23:16:37 UTC 2010
On 26 Nov 2010, at 23:50, Simon L. Nielsen wrote:
> Author: simon
> Date: Fri Nov 26 22:50:58 2010
> New Revision: 215912
> URL: http://svn.freebsd.org/changeset/base/215912
>
> Log:
> Merge OpenSSL 0.9.8p into stable/8.
>
> This merges up to and including head/crypto/openssl/ r215697; and
> head/secure/lib/libcrypto/, head/secure/lib/libssl/,
> head/secure/usr.bin/openssl/ r215698.
>
> To make the merge simpler, a hack was added to set MACHINE_CPUARCH.
>
> Security: CVE-2010-2939, CVE-2010-3864
> Security: http://www.openssl.org/news/secadv_20101116.txt
> Security: FreeBSD-SA-10:10.openssl
> Approved by: re (implicitly - they did not object to the general idea
> of OpenSSL update)
Just in case anyone is wondering, FreeBSD-SA-10:10.openssl will not be released right now, but should be out early next week. I just thought I might as well mention it in the commit message as the name is known at this point.
PS: From what I read and tested so far, the actual risk with both CVE-2010-2939 [1] and CVE-2010-3864 is very small.
[1] At least for FreeBSD's current OpenSSL 0.9.8.
--
Simon L. B. Nielsen
Hat: OpenSSL maintainer (and a bit of the secteam hat)