laffer1 | 3 May 19:40 2012

src: openssl/ssl: OpenSSL fails to clear the bytes used as block cipher

Log Message:
-----------
OpenSSL fails to clear the bytes used as block cipher padding in SSL 3.0
records when operating as a client or a server that accepts SSL 3.0
handshakes.  As a result, in each record, up to 15 bytes of uninitialized
memory may be sent, encrypted, to the SSL peer.  This could include
sensitive contents of previously freed memory. [CVE-2011-4576]

OpenSSL support for handshake restarts for server gated cryptography (SGC)
can be used in a denial-of-service attack. [CVE-2011-4619]

If an application uses OpenSSL's certificate policy checking when
verifying X509 certificates, by enabling the X509_V_FLAG_POLICY_CHECK
flag, a policy check failure can lead to a double-free. [CVE-2011-4109]

A weakness in the OpenSSL PKCS #7 code can be exploited using
Bleichenbacher's attack on PKCS #1 v1.5 RSA padding also known as the
million message attack (MMA). [CVE-2012-0884]

The asn1_d2i_read_bio() function, used by the d2i_*_bio and d2i_*_fp
functions, in OpenSSL contains multiple integer errors that can cause
memory corruption when parsing encoded ASN.1 data.  This error can occur
on systems that parse untrusted ASN.1 data, such as X.509 certificates
or RSA public keys. [CVE-2012-2110]

Modified Files:
--------------
    src/crypto/openssl/crypto:
        mem.c (r1.1.1.3 -> r1.2)
        (http://cvsweb.midnightbsd.org/src/crypto/openssl/crypto/mem.c?r1=1.1.1.3&r2=1.2)

laffer1 | 3 May 20:25 2012

src: /src: 0.3-RELEASE-p6 OpenSSL fails to clear the bytes used as

Log Message:
-----------
0.3-RELEASE-p6

OpenSSL fails to clear the bytes used as block cipher padding in SSL 3.0
records when operating as a client or a server that accepts SSL 3.0
handshakes.  As a result, in each record, up to 15 bytes of uninitialized
memory may be sent, encrypted, to the SSL peer.  This could include
sensitive contents of previously freed memory. [CVE-2011-4576]

OpenSSL support for handshake restarts for server gated cryptography (SGC)
can be used in a denial-of-service attack. [CVE-2011-4619]

If an application uses OpenSSL's certificate policy checking when
verifying X509 certificates, by enabling the X509_V_FLAG_POLICY_CHECK
flag, a policy check failure can lead to a double-free. [CVE-2011-4109]

A weakness in the OpenSSL PKCS #7 code can be exploited using
Bleichenbacher's attack on PKCS #1 v1.5 RSA padding also known as the
million message attack (MMA). [CVE-2012-0884]

The asn1_d2i_read_bio() function, used by the d2i_*_bio and d2i_*_fp
functions, in OpenSSL contains multiple integer errors that can cause
memory corruption when parsing encoded ASN.1 data.  This error can occur
on systems that parse untrusted ASN.1 data, such as X.509 certificates
or RSA public keys. [CVE-2012-2110]

Tags:
----
RELENG_0_3

laffer1 | 12 May 00:34 2012

src: kenv.c: silence warnings

Log Message:
-----------
silence warnings

Modified Files:
--------------
    src/bin/kenv:
        kenv.c (r1.2 -> r1.3)
        (http://cvsweb.midnightbsd.org/src/bin/kenv/kenv.c?r1=1.2&r2=1.3)
laffer1 | 12 May 00:35 2012

src: ftree.c: silence warnings

Log Message:
-----------
silence warnings

Modified Files:
--------------
    src/bin/pax:
        ftree.c (r1.2 -> r1.3)
        (http://cvsweb.midnightbsd.org/src/bin/pax/ftree.c?r1=1.2&r2=1.3)
laffer1 | 22 May 02:40 2012

mports: perl5.mk: increase default min perl version except in cases we

Log Message:
-----------
increase default min perl version except in cases we shipped it as part of the release.

Modified Files:
--------------
    mports/Mk/extensions:
        perl5.mk (r1.11 -> r1.12)
        (http://cvsweb.midnightbsd.org/mports/Mk/extensions/perl5.mk?r1=1.11&r2=1.12)
laffer1 | 22 May 02:42 2012
laffer1 | 22 May 02:46 2012

mports: www/dojo: 1.7.1

Log Message:
-----------
1.7.1

Modified Files:
--------------
    mports/www/dojo:
        Makefile (r1.9 -> r1.10)
        (http://cvsweb.midnightbsd.org/mports/www/dojo/Makefile?r1=1.9&r2=1.10)
        distinfo (r1.8 -> r1.9)
        (http://cvsweb.midnightbsd.org/mports/www/dojo/distinfo?r1=1.8&r2=1.9)
        pkg-plist (r1.8 -> r1.9)
        (http://cvsweb.midnightbsd.org/mports/www/dojo/pkg-plist?r1=1.8&r2=1.9)
laffer1 | 22 May 02:51 2012

mports: x11/xterm: 279

Log Message:
-----------
279

Modified Files:
--------------
    mports/x11/xterm:
        Makefile (r1.22 -> r1.23)
        (http://cvsweb.midnightbsd.org/mports/x11/xterm/Makefile?r1=1.22&r2=1.23)
        distinfo (r1.21 -> r1.22)
        (http://cvsweb.midnightbsd.org/mports/x11/xterm/distinfo?r1=1.21&r2=1.22)
laffer1 | 22 May 02:54 2012

mports: www/moinmoin: 1.9.4.

Log Message:
-----------
1.9.4. security update is strongly recommended

Modified Files:
--------------
    mports/www/moinmoin:
        Makefile (r1.9 -> r1.10)
        (http://cvsweb.midnightbsd.org/mports/www/moinmoin/Makefile?r1=1.9&r2=1.10)
        distinfo (r1.8 -> r1.9)
        (http://cvsweb.midnightbsd.org/mports/www/moinmoin/distinfo?r1=1.8&r2=1.9)
        pkg-plist (r1.9 -> r1.10)
        (http://cvsweb.midnightbsd.org/mports/www/moinmoin/pkg-plist?r1=1.9&r2=1.10)
laffer1 | 22 May 02:58 2012

mports: Makefile: make sure users have at least python 2.5 as required

Log Message:
-----------
make sure users have at least python 2.5 as required by this release

Modified Files:
--------------
    mports/www/moinmoin:
        Makefile (r1.10 -> r1.11)
        (http://cvsweb.midnightbsd.org/mports/www/moinmoin/Makefile?r1=1.10&r2=1.11)

Gmane