summaryrefslogtreecommitdiff
path: root/math/randlib
diff options
context:
space:
mode:
authortnn <tnn@pkgsrc.org>2009-04-05 15:50:17 +0000
committertnn <tnn@pkgsrc.org>2009-04-05 15:50:17 +0000
commitce257462cdcd7cadef6ef8de390afa63ede55bc8 (patch)
tree7895c5b5cf629216957a7769ab58c21fffdd22be /math/randlib
parentd3551cd683ad25e1356f68eb54eac4f2a6662acc (diff)
downloadpkgsrc-ce257462cdcd7cadef6ef8de390afa63ede55bc8.tar.gz
Update to openssl-0.9.8k.
Changes between 0.9.8j and 0.9.8k [25 Mar 2009] *) Don't set val to NULL when freeing up structures, it is freed up by underlying code. If sizeof(void *) > sizeof(long) this can result in zeroing past the valid field. (CVE-2009-0789) *) Fix bug where return value of CMS_SignerInfo_verify_content() was not checked correctly. This would allow some invalid signed attributes to appear to verify correctly. (CVE-2009-0591) *) Reject UniversalString and BMPString types with invalid lengths. This prevents a crash in ASN1_STRING_print_ex() which assumes the strings have a legal length. (CVE-2009-0590) *) Set S/MIME signing as the default purpose rather than setting it unconditionally. This allows applications to override it at the store level. *) Permit restricted recursion of ASN1 strings. This is needed in practice to handle some structures. *) Improve efficiency of mem_gets: don't search whole buffer each time for a '\n' *) New -hex option for openssl rand. *) Print out UTF8String and NumericString when parsing ASN1. *) Support NumericString type for name components. *) Allow CC in the environment to override the automatically chosen compiler. Note that nothing is done to ensure flags work with the chosen compiler.
Diffstat (limited to 'math/randlib')
0 files changed, 0 insertions, 0 deletions