FreeBSD Security Advisory - OpenSSL has had multiple vulnerabilities addressed. The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. When presented with a malformed X509_ATTRIBUTE structure, OpenSSL will leak memory. If PSK identity hints are received by a multi-threaded client then the values are incorrectly updated in the parent SSL_CTX structure.
b3432b7d049cf95d92acc07e43d3ee7a16a360943d384c441f979bc71d8eeae2