svn commit: r215912 - in stable/8: crypto/openssl crypto/openssl/apps crypto/openssl/crypto crypto/openssl/crypto/aes crypto/openssl/crypto/aes/asm crypto/openssl/crypto/asn1 crypto/openssl/crypto/...

Simon L. B. Nielsen simon at
Fri Nov 26 23:16:37 UTC 2010

On 26 Nov 2010, at 23:50, Simon L. Nielsen wrote:

> Author: simon
> Date: Fri Nov 26 22:50:58 2010
> New Revision: 215912
> URL:
> Log:
>  Merge OpenSSL 0.9.8p into stable/8.
>  This merges up to and including head/crypto/openssl/ r215697; and
>  head/secure/lib/libcrypto/, head/secure/lib/libssl/,
>  head/secure/usr.bin/openssl/ r215698.
>  To make the merge simpler, a hack was added to set MACHINE_CPUARCH.
>  Security:	CVE-2010-2939, CVE-2010-3864
>  Security:
>  Security:	FreeBSD-SA-10:10.openssl
>  Approved by:	re (implicitly - they did not object of the general idea
>  		of OpenSSL update)

Just in case anyone is wondering, FreeBSD-SA-10:10.openssl will not be released right now, but should be out early next week. I just thought I might as well mention it in the commit message as the name is known at this point.

PS from what I read and tested so far, the actual risk with both CVE-2010-2939 [1] and CVE-2010-3864 is very little.

[1] At least for FreeBSD's current OpenSSL 0.9.8.

Simon L. B. Nielsen
Hat: OpenSSL maintainer (and a bit of the secteam hat)

More information about the svn-src-stable mailing list