security/openssl: 1.0.1f - fixes 3 CVEs and a bug

Barry Allard barry.allard at
Wed Jan 8 07:14:50 UTC 2014

> Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]
>     - Don't include gmt_unix_time in TLS server and client random values
>     - Fix for TLS record tampering bug CVE-2013-4353
>     - Fix for TLS version checking bug CVE-2013-6449
>     - Fix for DTLS retransmission bug CVE-2013-6450

Barry Allard


Maintainer details:

  sha256: 6cc2a80b17d64de6b7bac985745fdaba971d54ffd7d38d3556f998d7c0c9cb5a
  sha1: 9ef09e97dfc9f14ac2c042f3b7e301098794fc0f

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <>

More information about the freebsd-ports mailing list