path: root/CHANGES
Age | Commit message | Author
2014-10-15 | Prepare for 0.9.8zd-dev | Matt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-15 | Prepare for 0.9.8zc release (tag: OpenSSL_0_9_8zc) | Matt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-15 | Updates to CHANGES file | Matt Caswell
Reviewed-by: Bodo Möller <bodo@openssl.org>
2014-10-15 | Support TLS_FALLBACK_SCSV. | Bodo Moeller
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-09-29 | Add additional DigestInfo checks. | Dr. Stephen Henson
Reencode DigestInfo in DER and check against the original: this will reject any improperly encoded DigestInfo structures. Note: this is a precautionary measure, there is no known attack which can exploit this. Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-06 | Prepare for 0.9.8zc-dev | Matt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-08-06 | Prepare for 0.9.8zb release (tag: OpenSSL_0_9_8zb) | Matt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-08-06 | Updates to CHANGES and NEWS | Matt Caswell
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-08-01 | Simplify and fix ec_GFp_simple_points_make_affine | Bodo Moeller
(which didn't always handle value 0 correctly).
Reviewed-by: emilia@openssl.org
Conflicts: CHANGES crypto/ec/ectest.c
2014-06-05 | Prepare for 0.9.8zb-dev | Dr. Stephen Henson
2014-06-05 | Prepare for 0.9.8za release (tag: OpenSSL_0_9_8za) | Dr. Stephen Henson
2014-06-05 | Update CHANGES and NEWS | Dr. Stephen Henson
2014-03-27 | Fix for CVE-2014-0076 backported to 0.9.8 branch | mancha
Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" by Yuval Yarom and Naomi Benger. Details can be obtained from: http://eprint.iacr.org/2014/140 Thanks to Yuval Yarom and Naomi Benger for discovering this flaw and to Yuval Yarom for supplying a fix. Thanks to mancha for backporting the fix to OpenSSL 0.9.8 branch.
2014-03-27 | Fix alert handling. | mancha
Fix OpenSSL 0.9.8 alert handling. PR#3038
2013-10-04 | Update CHANGES. | Rob Stradling
2013-02-10 | Set next version. | Dr. Stephen Henson
Note: it was decided that after 0.9.8y it should be 0.9.8za then 0.9.8zb etc.
2013-02-05 | prepare for release (tag: OpenSSL_0_9_8y) | Dr. Stephen Henson
2013-02-05 | update NEWS and CHANGES | Dr. Stephen Henson
2013-02-05 | Don't try and verify signatures if key is NULL (CVE-2013-0166) | Dr. Stephen Henson
Add additional check to catch this in ASN1_item_verify too.
2012-10-05 | Update CHANGES for OCSP fix. | Ben Laurie
2012-05-11 | PR: 2813 | Dr. Stephen Henson
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>
Fix possible deadlock when decoding public keys.
2012-05-10 | prepare for next version | Dr. Stephen Henson
2012-05-10 | prepare for 0.9.8x release | Dr. Stephen Henson
2012-05-10 | Sanity check record length before skipping explicit IV in DTLS | Dr. Stephen Henson
to fix DoS attack. Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing as a service testing platform. (CVE-2012-2333)
2012-05-10 | Reported by: Solar Designer of Openwall | Dr. Stephen Henson
Make sure tkeylen is initialised properly when encrypting CMS messages.
2012-04-23 | prepare for next version | Dr. Stephen Henson
2012-04-23 | prepare for 0.9.8w release | Dr. Stephen Henson
2012-04-23 | The fix for CVE-2012-2110 did not take into account that the | Dr. Stephen Henson
'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an int in OpenSSL 0.9.8, making it still vulnerable. Fix by rejecting negative len parameter. Thanks to the many people who reported this bug and to Tomas Hoger <thoger@redhat.com> for supplying the fix.
2012-04-19 | prepare for next version | Dr. Stephen Henson
2012-04-19 | prepare for 0.9.8v release | Dr. Stephen Henson
2012-04-19 | Check for potentially exploitable overflows in asn1_d2i_read_bio | Dr. Stephen Henson
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer in CRYPTO_realloc_clean. Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
2012-03-12 | prepare for next version | Dr. Stephen Henson
2012-03-12 | prepare for release | Dr. Stephen Henson
2012-03-12 | Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and | Dr. Stephen Henson
continue with symmetric decryption process to avoid leaking timing information to an attacker. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this issue. (CVE-2012-0884)
2012-02-16 | Fix bug in CVE-2011-4619: check we have really received a client hello | Dr. Stephen Henson
before rejecting multiple SGC restarts.
2012-01-18 | prepare for next version | Dr. Stephen Henson
2012-01-18 | prepare for release | Dr. Stephen Henson
2012-01-18 | Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. | Dr. Stephen Henson
Thanks to Antonio Martin, Enterprise Secure Access Research and Development, Cisco Systems, Inc. for discovering this bug and preparing a fix. (CVE-2012-0050)
2012-01-17 | fix CHANGES entry | Dr. Stephen Henson
2012-01-04 | update for next version | Dr. Stephen Henson
2012-01-04 | prepare for 0.9.8s release | Dr. Stephen Henson
2012-01-04 | Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de> | Dr. Stephen Henson
Reviewed by: steve
Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and Kenny Paterson.
2012-01-04 | Fix double free in policy check code (CVE-2011-4109) | Dr. Stephen Henson
2012-01-04 | Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) | Dr. Stephen Henson
2012-01-04 | Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) | Dr. Stephen Henson
2012-01-04 | Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577) | Dr. Stephen Henson
2011-12-02 | Resolve a stack set-up race condition (if the list of compression | Bodo Möller
methods isn't presorted, it will be sorted on first read). Submitted by: Adam Langley
2011-12-02 | Fix ecdsatest.c. | Bodo Möller
Submitted by: Emilia Kasper
2011-12-02 | Fix BIO_f_buffer(). | Bodo Möller
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
2011-10-19 | BN_BLINDING multi-threading fix. | Bodo Möller
Submitted by: Emilia Kasper (Google)