diff options
| author | Jung-uk Kim <jkim@FreeBSD.org> | 2015-03-20 15:37:07 +0000 |
|---|---|---|
| committer | Jung-uk Kim <jkim@FreeBSD.org> | 2015-03-20 15:37:07 +0000 |
| commit | a46f5e3e504e070c9b4803e9bd1572a33e0987a8 (patch) | |
| tree | 85dceafa5527f785d231045e9c6b15a44ff98d56 /NEWS | |
| parent | c9331217c9dddaa10d76af01e4edba285a3db2ea (diff) | |
| download | src-a46f5e3e504e070c9b4803e9bd1572a33e0987a8.tar.gz src-a46f5e3e504e070c9b4803e9bd1572a33e0987a8.zip | |
Import OpenSSL 0.9.8zf.vendor/openssl/0.9.8zf
Notes
Notes:
svn path=/vendor-crypto/openssl/dist-0.9.8/; revision=280290
svn path=/vendor-crypto/openssl/0.9.8zf/; revision=280291; tag=vendor/openssl/0.9.8zf
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 10 |
1 files changed, 10 insertions, 0 deletions
@@ -5,6 +5,16 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 0.9.8ze and OpenSSL 0.9.8zf [19 Mar 2015] + + o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286) + o ASN.1 structure reuse memory corruption fix (CVE-2015-0287) + o PKCS7 NULL pointer dereferences fix (CVE-2015-0289) + o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293) + o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209) + o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288) + o Removed the export ciphers from the DEFAULT ciphers + Major changes between OpenSSL 0.9.8zd and OpenSSL 0.9.8ze [15 Jan 2015] o Build fixes for the Windows and OpenVMS platforms |