| Index: UPDATING |
| =================================================================== |
| --- UPDATING (revision 326359) |
| +++ UPDATING (revision 326723) |
| @@ -16,6 +16,10 @@ |
| stable/10, and then rebuild without this option. The bootstrap process from |
| older version of current is a bit fragile. |
| |
| +20171209 p5 FreeBSD-SA-17:12.openssl |
| + |
| + Fix OpenSSL error state vulnerability. |
| + |
| 20171129 p4 FreeBSD-SA-17:11.openssl |
| |
| Fix OpenSSL out-of-bounds read vulnerability. |
| Index: crypto/openssl/ssl/ssl.h |
| =================================================================== |
| --- crypto/openssl/ssl/ssl.h (revision 326359) |
| +++ crypto/openssl/ssl/ssl.h (revision 326723) |
| @@ -1544,7 +1544,7 @@ |
| # define SSL_ST_BEFORE 0x4000 |
| # define SSL_ST_OK 0x03 |
| # define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT) |
| -# define SSL_ST_ERR 0x05 |
| +# define SSL_ST_ERR (0x05|SSL_ST_INIT) |
| |
| # define SSL_CB_LOOP 0x01 |
| # define SSL_CB_EXIT 0x02 |
| Index: sys/conf/newvers.sh |
| =================================================================== |
| --- sys/conf/newvers.sh (revision 326359) |
| +++ sys/conf/newvers.sh (revision 326723) |
| @@ -32,7 +32,7 @@ |
| |
| TYPE="FreeBSD" |
| REVISION="10.4" |
| -BRANCH="RELEASE-p4" |
| +BRANCH="RELEASE-p5" |
| if [ "X${BRANCH_OVERRIDE}" != "X" ]; then |
| BRANCH=${BRANCH_OVERRIDE} |
| fi |