Day: December 9, 2020

deadsimple BSD Security Advisories and Announcements www.bsdsec.net

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-20:33.openssl

December 9, 2020

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-20:33.openssl Security Advisory
The FreeBSD Project

Topic: OpenSSL NULL pointer de-reference

Category: contrib
Module: openssl
Announced: 2020-12-08
Affects: All supported versions of FreeBSD.
Corrected: 2020-12-08 18:28:49 UTC (stable/12, 12.2-STABLE)
2020-12-08 19:10:40 UTC (releng/12.2, 12.2-RELEASE-p2)
2020-12-08 19:10:40 UTC (releng/12.1, 12.1-RELEASE-p12)
CVE Name: CVE-2020-1971

Note: The OpenSSL project has published publicly available patches for
versions

(Read more...)

deadsimple BSD Security Advisories and Announcements www.bsdsec.net

LibreSSL 3.3.1, 3.2.3, and 3.1.5 Released

December 9, 2020

We have released LibreSSL 3.3.1, 3.2.3, and 3.1.5, which will be arriving
in the LibreSSL directory of your local OpenBSD mirror soon.

It includes the following security fix:

* Malformed ASN.1 in a certificate revocation list or a timestamp
…

deadsimple BSD Security Advisories and Announcements www.bsdsec.net

OpenNTPD 6.8p1 released

December 9, 2020

OpenNTPD 6.8p1 has been released, and is now available from your local
OpenBSD mirror. This is the first stable release based on OpenBSD 6.8.
It includes the following changes since OpenNTPD 6.2p3:

* The ntpd daemon now gets and sets the clock in …