summaryrefslogtreecommitdiffstats
path: root/crypto
AgeCommit message (Collapse)Author
2012-05-11PR: 2813Dr. Stephen Henson
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com> Fix possible deadlock when decoding public keys.
2012-05-10prepare for next versionDr. Stephen Henson
2012-05-10prepare for 0.9.8x releaseDr. Stephen Henson
2012-05-10Reported by: Solar Designer of OpenwallDr. Stephen Henson
Make sure tkeylen is initialised properly when encrypting CMS messages.
2012-04-23prepare for next versionDr. Stephen Henson
2012-04-23prepare form 0.9.8w releaseDr. Stephen Henson
2012-04-23The fix for CVE-2012-2110 did not take into account that theDr. Stephen Henson
'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an int in OpenSSL 0.9.8, making it still vulnerable. Fix by rejecting negative len parameter. Thanks to the many people who reported this bug and to Tomas Hoger <thoger@redhat.com> for supplying the fix.
2012-04-22correct error codeDr. Stephen Henson
2012-04-19prepare for next versionDr. Stephen Henson
2012-04-19prepare for 0.9.8v releaseDr. Stephen Henson
2012-04-19Check for potentially exploitable overflows in asn1_d2i_read_bioDr. Stephen Henson
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer in CRYPTO_realloc_clean. Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
2012-03-12prepare for next versionDr. Stephen Henson
2012-03-12corrected fix to PR#2711 and also cover mime_param_cmpOpenSSL_0_9_8uDr. Stephen Henson
2012-03-12prepare for releaseDr. Stephen Henson
2012-03-12Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key andDr. Stephen Henson
continue with symmetric decryption process to avoid leaking timing information to an attacker. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this issue. (CVE-2012-0884)
2012-03-08check return value of BIO_write in PKCS7_decryptDr. Stephen Henson
2012-03-07PR: 2755Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reduce MTU after failed transmissions. [0.9.8 version of patch]
2012-03-06return failure code if I/O errorDr. Stephen Henson
2012-03-06revert PR#2755: it breaks compilationDr. Stephen Henson
2012-03-06PR: 2755Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reduce MTU after failed transmissions.
2012-03-06PR: 2696 Submitted by: Rob Austein <sra@hactrn.net>Dr. Stephen Henson
Fix inverted range problem in RFC3779 code. Thanks to Andrew Chi for generating test cases for this bug. [from HEAD]
2012-03-06oops, revert unrelated patchesDr. Stephen Henson
2012-03-06PR: 2748Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix possible DTLS timer deadlock.
2012-02-28Fix memory leak cause by race condition when creating public keys.Dr. Stephen Henson
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-27free headers after use in error messageDr. Stephen Henson
2012-02-27Detect symmetric crypto errors in PKCS7_decrypt.Dr. Stephen Henson
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-23PR: 2711Dr. Stephen Henson
Submitted by: Tomas Mraz <tmraz@redhat.com> Tolerate bad MIME headers in parser.
2012-01-18prepare for next versionDr. Stephen Henson
2012-01-18prepare for releaseDr. Stephen Henson
2012-01-10fix warningDr. Stephen Henson
2012-01-04update for next versionDr. Stephen Henson
2012-01-04prepare for 0.9.8s releaseDr. Stephen Henson
2012-01-04Fix double free in policy check code (CVE-2011-4109)Dr. Stephen Henson
2012-01-04Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577)Dr. Stephen Henson
2011-12-09x86-mont.pl: fix bug in integer-only squaring path [from HEAD].Andy Polyakov
PR: 2648
2011-12-02Fix ecdsatest.c.Bodo Möller
Submitted by: Emilia Kasper
2011-12-02Fix BIO_f_buffer().Bodo Möller
Submitted by: Adam Langley Reviewed by: Bodo Moeller
2011-11-05ppc.pl: fix bug in bn_mul_comba4 [from HEAD].Andy Polyakov
PR: 2636 Submitted by: Charles Bryant
2011-10-26PR: 2632Dr. Stephen Henson
Submitted by: emmanuel.azencot@bull.net Reviewed by: steve Return -1 immediately if not affine coordinates as BN_CTX has not been set up.
2011-10-19BN_BLINDING multi-threading fix.Bodo Möller
Submitted by: Emilia Kasper (Google)
2011-10-09PR: 2482Dr. Stephen Henson
Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
2011-09-23PR: 2606Dr. Stephen Henson
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de> Reviewed by: steve Handle timezones correctly in UTCTime.
2011-09-05Fix memory leak on bad inputs.Bodo Möller
2011-09-05Move OPENSSL_init declaration out of auto-generated code sectionBodo Möller
(it is not auto-generated).
2011-09-02PR: 2576Dr. Stephen Henson
Submitted by: Doug Goldstein <cardoe@gentoo.org> Reviewed by: steve Include header file stdlib.h which is needed on some platforms to get getenv() declaration.
2011-09-01PR: 2340Dr. Stephen Henson
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar> Reviewed by: steve Stop warnings if OPENSSL_NO_DGRAM is defined.
2011-09-01make timing attack protection unconditionalDr. Stephen Henson
2011-09-01PR: 2588Dr. Stephen Henson
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com> Reviewed by: steve Close file pointer.
2011-07-20PR: 2559Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS socket error bug
2011-07-14PR: 2556 (partial)Dr. Stephen Henson
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de> Reviewed by: steve Fix OID routines. Check on encoding leading zero rejection should start at beginning of encoding. Allow for initial digit when testing when to use BIGNUMs which can increase first value by 2 * 40.
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-07 15:32:33 +0000