diff options
author | adam <adam@pkgsrc.org> | 2011-05-09 13:30:47 +0000 |
---|---|---|
committer | adam <adam@pkgsrc.org> | 2011-05-09 13:30:47 +0000 |
commit | 5b6861ce0046c658d8e1d4b3c66a54c6931fd85f (patch) | |
tree | f1afde847f299aa17cd39babcc825e469687993b /security/ssh-ip-tunnel/distinfo | |
parent | 6370a265e08059a735a0041e1044cfb352d00dd6 (diff) | |
download | pkgsrc-5b6861ce0046c658d8e1d4b3c66a54c6931fd85f.tar.gz |
Changes 4.76:
* The new ldap_require_cert option would segfault if used. Fixed.
* Harmonised TLS library version reporting; only show if debugging.
Layout now matches that introduced for other libraries in 4.74 PP/03.
* New openssl_options items: no_sslv2 no_sslv3 no_ticket no_tlsv1
* New "dns_use_edns0" global option.
* Don't segfault on misconfiguration of ref:name exim-user as uid.
* Extra paranoia around buffer usage at the STARTTLS transition.
nb: Exim is not vulnerable to http://www.kb.cert.org/vuls/id/555316
* Updated PolarSSL code to 0.14.2.
* Catch divide-by-zero in ${eval:...}.
* Condition negation of bool{}/bool_lax{} did not negate. Fixed.
* CVE-2011-1764 - DKIM log line was subject to a format-string attack --
SECURITY: remote arbitrary code execution.
* SECURITY - DKIM signature header parsing was double-expanded, second
time unintentionally subject to list matching rules, letting the header
cause arbitrary Exim lookups (of items which can occur in lists, *not*
arbitrary string expansion). This allowed for information disclosure.
* Fix another SIGFPE (x86) in ${eval:...} expansion, this time related to
INT_MIN/-1 -- value coerced to INT_MAX.
Diffstat (limited to 'security/ssh-ip-tunnel/distinfo')
0 files changed, 0 insertions, 0 deletions