ViewVC Help
| View Changeset | Root Listing
root/src
Jump to revision: Previous Next
Author: laffer1
Date: Sat Jan 30 18:07:14 2016 UTC (8 years, 2 months ago)
Log Message: 
MidnightBSD 0.7.4 RELEASE

OpenSSL CVE-2015-3197

        A malicious client can negotiate SSLv2 ciphers that have been disabled on
        the server and complete SSLv2 handshakes even if all SSLv2 ciphers have
        been disabled, provided that the SSLv2 protocol was not also disabled via
        SSL_OP_NO_SSLv2.

Changed paths

Path Details
Directorystable/0.7/UPDATING modified , text changed
Directorystable/0.7/crypto/openssl/ssl/s2_srvr.c modified , text changed
Directorystable/0.7/sys/conf/newvers.sh modified , text changed