summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2012-01-04prepare for releaseOpenSSL_1_0_0fDr. Stephen Henson
2012-01-04update NEWSDr. Stephen Henson
2012-01-04make updateDr. Stephen Henson
2012-01-04Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen ↵Dr. Stephen Henson
<tuexen@fh-muenster.de> Reviewed by: steve Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and Kenny Paterson.
2012-01-04add missing part for SGC restart fix (CVE-2011-4619)Dr. Stephen Henson
2012-01-04Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) ↵Dr. Stephen Henson
[include source patch this time!]
2012-01-04Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)Dr. Stephen Henson
2012-01-04Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)Dr. Stephen Henson
2012-01-04stop warningDr. Stephen Henson
2012-01-04Check GOST parameters are not NULL (CVE-2012-0027)Dr. Stephen Henson
2012-01-04Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577)Dr. Stephen Henson
2012-01-04fix warningsDr. Stephen Henson
2012-01-04Submitted by: Adam Langley <agl@chromium.org>Dr. Stephen Henson
Reviewed by: steve Fix memory leaks.
2011-12-26PR: 2326Dr. Stephen Henson
Submitted by: Tianjie Mao <tjmao@tjmao.net> Reviewed by: steve Fix incorrect comma expressions and goto f_err as alert has been set.
2011-12-19PR: 2563Dr. Stephen Henson
Submitted by: Paul Green <Paul.Green@stratus.com> Reviewed by: steve Improved PRNG seeding for VOS.
2011-12-09x86-mont.pl: fix bug in integer-only squaring path.Andy Polyakov
PR: 2648
2011-12-06The default CN prompt message can be confusing when often the CN needs toDr. Stephen Henson
be the server FQDN: change it. [Reported by PSW Group]
2011-12-02Resolve a stack set-up race condition (if the list of compressionBodo Möller
methods isn't presorted, it will be sorted on first read). Submitted by: Adam Langley
2011-12-02Fix ecdsatest.c.Bodo Möller
Submitted by: Emilia Kasper
2011-12-02Fix BIO_f_buffer().Bodo Möller
Submitted by: Adam Langley Reviewed by: Bodo Moeller
2011-11-14Configure: fix corruption in RC4 implementation in darwin64-x86_64-cc.Andy Polyakov
2011-11-05ppc.pl: fix bug in bn_mul_comba4 [from HEAD].Andy Polyakov
PR: 2636 Submitted by: Charles Bryant
2011-10-30Teach mkshared.com to have a look for disabled algorithms in opensslconf.hRichard Levitte
2011-10-27PR: 2628Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Send alert instead of assertion failure for incorrectly formatted DTLS fragments.
2011-10-27PR: 2628Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix for ECC keys and DTLS.
2011-10-26PR: 2632Dr. Stephen Henson
Submitted by: emmanuel.azencot@bull.net Reviewed by: steve Return -1 immediately if not affine coordinates as BN_CTX has not been set up.
2011-10-19BN_BLINDING multi-threading fix.Bodo Möller
Submitted by: Emilia Kasper (Google)
2011-10-13use -no_ecdhe when using -no_dheBodo Möller
2011-10-13Clarify warningBodo Möller
2011-10-13In ssl3_clear, preserve s3->init_extra along with s3->rbuf.Bodo Möller
Submitted by: Bob Buckholz <bbuckholz@google.com>
2011-10-09PR: 2482Dr. Stephen Henson
Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
2011-09-26fix signed/unsigned warningDr. Stephen Henson
2011-09-23use keyformat for -x509toreq, don't hard code PEMDr. Stephen Henson
2011-09-23PR: 2606Dr. Stephen Henson
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de> Reviewed by: steve Handle timezones correctly in UTCTime.
2011-09-23PR: 2602Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS bug which prevents manual MTU setting
2011-09-23PR: 2347Dr. Stephen Henson
Submitted by: Tomas Mraz <tmraz@redhat.com> Reviewed by: steve Fix usage message.
2011-09-06prepare for next versionDr. Stephen Henson
2011-09-06update versions and dates for releaseOpenSSL_1_0_0eDr. Stephen Henson
2011-09-06update NEWSDr. Stephen Henson
2011-09-06Initialise X509_STORE_CTX properly so CRLs with nextUpdate date in the pastDr. Stephen Henson
produce an error (CVE-2011-3207) Fix TLS ephemeral DH crash bug (CVE-2011-3210)
2011-09-05(EC)DH memory handling fixes.Bodo Möller
Submitted by: Adam Langley
2011-09-05Fix memory leak on bad inputs.Bodo Möller
2011-09-05"make update"Bodo Möller
2011-09-02Don't use *from++ in tolower as this is implemented as a macro on someDr. Stephen Henson
platforms. Thanks to Shayne Murray <Shayne.Murray@Polycom.com> for reporting this issue.
2011-09-02PR: 2576Dr. Stephen Henson
Submitted by: Doug Goldstein <cardoe@gentoo.org> Reviewed by: steve Include header file stdlib.h which is needed on some platforms to get getenv() declaration.
2011-09-01update NEWSDr. Stephen Henson
2011-09-01Add error checking to PKCS1_MGF1. From HEAD.Dr. Stephen Henson
2011-09-01PR: 2340Dr. Stephen Henson
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar> Reviewed by: steve Stop warnings if OPENSSL_NO_DGRAM is defined.
2011-09-01make timing attack protection unconditionalDr. Stephen Henson
2011-09-01PR: 2573Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS buffering and decryption bug.
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-26 09:42:41 +0000