FreeBSD Security Advisory - A vulnerability in the TLS protocol would allow a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is also known as Logjam. When processing an ECParameters structure OpenSSL enters an infinite loop if the curve specified is over a specially malformed binary polynomial field. When verifying a signedData message the CMS code can enter an infinite loop if presented with an unknown hash function OID. Various other issues have also been addressed.
0f31d8be8e851db5b69fa3df18252499edec9d5d973028af8019e2d1dedd741b