src/crypto, branch releng/8.4

src/crypto, branch releng/8.4 FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=releng%2F8.4 2015-07-30T10:09:31Z Fix a regression introduced with previous SA-15:16.openssl 2015-07-30T10:09:31Z Xin LI delphij@FreeBSD.org 2015-07-30T10:09:31Z urn:sha1:554a1309dbd71bb59ed4e97ea5e0bc829dad0f04 changeset. The problem is specific to FreeBSD 8.x. Submitted by: jkim Pointy hat to: delphij Approved by: so Fix resource exhaustion in TCP reassembly. [SA-15:15] 2015-07-28T19:59:22Z Xin LI delphij@FreeBSD.org 2015-07-28T19:59:22Z urn:sha1:b768bf90231687be0e762c2e523a20c0e3cd711d Fix OpenSSH multiple vulnerabilities. [SA-15:16] Fix BIND remote denial of service vulnerability. [SA-15:17] Approved by: so Fix OpenSSL multiple vulnerabilities. 2015-06-12T07:23:55Z Xin LI delphij@FreeBSD.org 2015-06-12T07:23:55Z urn:sha1:1e093488fd8b8d5b7c314a2440b05f4a23bf79d6 Security: FreeBSD-SA-15:10.openssl Approved by: so Fix issues with original SA-15:06.openssl commit: 2015-03-20T07:12:02Z Xin LI delphij@FreeBSD.org 2015-03-20T07:12:02Z urn:sha1:e5ed6da9604995d79143d363267a2d48c2e8c2fb - Revert a portion of ASN1 change per suggested by OpenBSD and OpenSSL developers. The change was removed from the formal OpenSSL release and does not solve security issue. - Properly fix CVE-2015-0209 and CVE-2015-0288. Approved by: so Fix multiple OpenSSL vulnerabilities. 2015-03-19T17:42:38Z Xin LI delphij@FreeBSD.org 2015-03-19T17:42:38Z urn:sha1:1aad402120001a2ec3f1c329065b5415b4e44526 Security: FreeBSD-SA-15:06.openssl Security: CVE-2015-0209 Security: CVE-2015-0286 Security: CVE-2015-0287 Security: CVE-2015-0288 Security: CVE-2015-0289 Security: CVE-2015-0293 Approved by: so Fix integer overflow in IGMP protocol. [SA-15:04] 2015-02-25T05:56:54Z Xin LI delphij@FreeBSD.org 2015-02-25T05:56:54Z urn:sha1:99fd9fc5a1e6c148f0fb1ab97d695afaab18b6e8 Fix BIND remote denial of service vulnerability. [SA-15:05] Fix vt(4) crash with improper ioctl parameters. [EN-15:01] Updated base system OpenSSL to 0.9.8zd. [EN-15:02] Fix freebsd-update libraries update ordering issue. [EN-15:03] Approved by: so Fix multiple vulnerabilities in OpenSSL. [SA-15:01] 2015-01-14T21:27:46Z Xin LI delphij@FreeBSD.org 2015-01-14T21:27:46Z urn:sha1:926429c9528cf6ef0b305efa02933179fb9e6b56 Approved by: so Fix routed(8) remote denial of service vulnerability. [SA-14:21] 2014-10-21T20:21:27Z Xin LI delphij@FreeBSD.org 2014-10-21T20:21:27Z urn:sha1:33ecb7d6963ddbe42b8da8d9f978e075cac409d9 Fix OpenSSL multiple vulnerabilities. [SA-14:23] Approved by: so Fix multiple OpenSSL vulnerabilities: 2014-09-09T10:13:46Z Xin LI delphij@FreeBSD.org 2014-09-09T10:13:46Z urn:sha1:60d14ee88c0a2b3ed153848d2d7ee0fa6008ebd9 The receipt of a specifically crafted DTLS handshake message may cause OpenSSL to consume large amounts of memory. [CVE-2014-3506] The receipt of a specifically crafted DTLS packet could cause OpenSSL to leak memory. [CVE-2014-3507] A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. [CVE-2014-3508] OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. [CVE-2014-3510] Security: CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510 Security: FreeBSD-SA-14:18.openssl Approved by: so Fix multiple vulnerabilities in file(1) and libmagic(3). 2014-06-24T19:05:47Z Xin LI delphij@FreeBSD.org 2014-06-24T19:05:47Z urn:sha1:5a9e14150cbd3538e0a5eb4934cc5e8c6e56de13 [SA-14:16] Fix gss_pseudo_random interoperability issue. [EN-14:08] Security: CVE-2012-1571, CVE-2013-7345, CVE-2014-1943, CVE-2014-2270 Security: FreeBSD-SA-14:16.file Approved by: so