From owner-svn-src-all@FreeBSD.ORG Wed May 14 00:54:48 2014 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 21715C6E; Wed, 14 May 2014 00:54:48 +0000 (UTC) Received: from anubis.delphij.net (anubis.delphij.net [64.62.153.212]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "anubis.delphij.net", Issuer "StartCom Class 1 Primary Intermediate Server CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 04CC622E3; Wed, 14 May 2014 00:54:47 +0000 (UTC) Received: from zeta.ixsystems.com (unknown [69.198.165.132]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by anubis.delphij.net (Postfix) with ESMTPSA id C4D0423587; Tue, 13 May 2014 17:54:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=delphij.net; s=anubis; t=1400028881; bh=8lG9xizMxsVwhqrn56KAD48cva66tm1FshEU9VI1bDs=; h=Date:From:Reply-To:To:CC:Subject:References:In-Reply-To; b=JhPtLeSyc/teA3ptAO0os6yygF2odu5ifjuVNV203WeCRnDgSKScr4FgPtrr25lcY lymMnVDmB+hisrZ96lRzKcQOUol/yWZCTPYHBC9cIHDy6zsx8tHhhkV51J1mwA9LlB 9ssTeVzfpsTSI5O+uyEToZb3pHl/X0HSvRtOc7us= Message-ID: <5372BED0.7010907@delphij.net> Date: Tue, 13 May 2014 17:54:40 -0700 From: Xin Li Reply-To: d@delphij.net Organization: The FreeBSD Project MIME-Version: 1.0 To: Andrey Chernov , Xin LI , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: Re: svn commit: r265986 - stable/10/crypto/openssl/ssl References: <201405132319.s4DNJH7T055013@svn.freebsd.org> <5372AC8E.1070507@freebsd.org> In-Reply-To: <5372AC8E.1070507@freebsd.org> X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 7bit Cc: "secteam@FreeBSD.org" X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 00:54:48 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 05/13/14 16:36, Andrey Chernov wrote: > On 14.05.2014 3:19, Xin LI wrote: >> Author: delphij Date: Tue May 13 23:19:16 2014 New Revision: >> 265986 URL: http://svnweb.freebsd.org/changeset/base/265986 >> >> Log: Fix OpenSSL NULL pointer deference vulnerability. >> >> Obtained from: OpenBSD Security: FreeBSD-SA-14:09.openssl >> Security: CVE-2014-0198 > > Official fix is a bit different: > https://github.com/openssl/openssl/commit/b107586c0c3447ea22dba8698ebbcd81bb29d48c > > from > https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321 > > Do we follow official branch or OpenBSD fixes? Principally we follow the official branch whenever applicable, we didn't do it for this one because the advisory was prepared about two weeks ago. For -HEAD and -STABLE we should probably adopt the upstream version to ease future maintenance. Cheers, - -- Xin LI https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQIcBAEBCgAGBQJTcr7QAAoJEJW2GBstM+nsZSkQAKxb/l+s7TEJadXf3a2pMR1/ DbNBW2WKTCS8QqGRyIqd2z9VPpsa5ECIVpaiekMLUxG85m+mBqV3sTQUXjFTwaU7 HQIGkiCbwnw8/u0+xoFByGzQW822qVvW/+OoylEw90JnDqtrWsoDfLND80H1/IUj LKPJu2lU4rI6EFQ2b6ps01XqaoWKK16MkyB47CiRcDlonqWJ5SvB9TsDsyFJjb5u gnq6RYuZfSFzt8NGL1/9wLXjR9QPtmd/ekp+NOkGRQHPoGjIQ7/Z/mKfEpm11UVs lHm3c89O0+JxNfVzZrlx70xMYrbZCI7oGPlIROjF8jel/RfpypVnDB4L162Nhslw oMlEtD88Kzlb0OWdBmyo811p9wqQ7l2xer774oQzWmfSjo1eZzuNcniYEBwGZ37y hif8tOLEnc4yXZmdKFb5qwpYftyBRfA76bKXEUGXz91b0zdK2M09SuPkgtUiks6Y 6Ame2UHpIwaMULzUA8r98o6C21YuirKM2mD3BGe1zZtWJQ6U2l6a0MCe4d9//6yq aciKsnLgZbaxa1aza3b1gO8fW3Da/9bQ06eeLhcM/F6wEx9dMSo+TAtrjWK95Q9L eNynRxAw3udWAqV+AdVB9U9SGckqe0lLDjMeJq2IV8GCwQb34oAfX5qklyRj2OaI LB21EyspUSw1/hjFrYYI =8DUK -----END PGP SIGNATURE-----