Apply by doing:
	cd /usr/src
	patch -p0 < 016_openssl.patch

And then rebuild and install OpenSSL:
	cd lib/libssl
	make obj
	make depend
	make
	make install

Index: lib/libssl/src/crypto/rsa/rsa_sign.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/crypto/rsa/rsa_sign.c,v
retrieving revision 1.7
retrieving revision 1.7.2.1
diff -u -p -r1.7 -r1.7.2.1
--- lib/libssl/src/crypto/rsa/rsa_sign.c	29 Apr 2005 05:39:26 -0000	1.7
+++ lib/libssl/src/crypto/rsa/rsa_sign.c	9 Sep 2006 01:18:36 -0000	1.7.2.1
@@ -185,6 +185,23 @@ int RSA_verify(int dtype, const unsigned
 		sig=d2i_X509_SIG(NULL,&p,(long)i);
 
 		if (sig == NULL) goto err;
+
+		/* Excess data can be used to create forgeries */
+		if(p != s+i)
+			{
+			RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
+			goto err;
+			}
+
+		/* Parameters to the signature algorithm can also be used to
+		   create forgeries */
+		if(sig->algor->parameter
+		   && ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL)
+			{
+			RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
+			goto err;
+			}
+
 		sigtype=OBJ_obj2nid(sig->algor->algorithm);
 
 
Index: lib/libssl/src/ssl/s23_srvr.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/ssl/s23_srvr.c,v
retrieving revision 1.8
retrieving revision 1.8.2.1
diff -u -p -r1.8 -r1.8.2.1
--- lib/libssl/src/ssl/s23_srvr.c	29 Apr 2005 05:39:31 -0000	1.8
+++ lib/libssl/src/ssl/s23_srvr.c	1 Nov 2005 01:01:12 -0000	1.8.2.1
@@ -528,9 +528,7 @@ int ssl23_get_client_hello(SSL *s)
 			}
 
 		s->state=SSL2_ST_GET_CLIENT_HELLO_A;
-		if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
-			use_sslv2_strong ||
-			(s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
+		if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
 			s->s2->ssl2_rollback=0;
 		else
 			/* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0