Age | Commit message | Author | |
---|---|---|---|
2012-05-11 | PR: 2813 | Dr. Stephen Henson | |
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com> Fix possible deadlock when decoding public keys. | |||
2012-05-10 | prepare for next version | Dr. Stephen Henson | |
2012-05-10 | prepare for 0.9.8x release | Dr. Stephen Henson | |
2012-05-10 | Reported by: Solar Designer of Openwall | Dr. Stephen Henson | |
Make sure tkeylen is initialised properly when encrypting CMS messages. | |||
2012-04-23 | prepare for next version | Dr. Stephen Henson | |
2012-04-23 | prepare for 0.9.8w release | Dr. Stephen Henson | |
2012-04-23 | The fix for CVE-2012-2110 did not take into account that the | Dr. Stephen Henson | |
'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an int in OpenSSL 0.9.8, making it still vulnerable. Fix by rejecting negative len parameter. Thanks to the many people who reported this bug and to Tomas Hoger <thoger@redhat.com> for supplying the fix. | |||
2012-04-22 | correct error code | Dr. Stephen Henson | |
2012-04-19 | prepare for next version | Dr. Stephen Henson | |
2012-04-19 | prepare for 0.9.8v release | Dr. Stephen Henson | |
2012-04-19 | Check for potentially exploitable overflows in asn1_d2i_read_bio | Dr. Stephen Henson | |
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer in CRYPTO_realloc_clean. Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110) | |||
2012-03-12 | prepare for next version | Dr. Stephen Henson | |
2012-03-12 | corrected fix to PR#2711 and also cover mime_param_cmp [OpenSSL_0_9_8u] | Dr. Stephen Henson | |
2012-03-12 | prepare for release | Dr. Stephen Henson | |
2012-03-12 | Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and | Dr. Stephen Henson | |
continue with symmetric decryption process to avoid leaking timing information to an attacker. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this issue. (CVE-2012-0884) | |||
2012-03-08 | check return value of BIO_write in PKCS7_decrypt | Dr. Stephen Henson | |
2012-03-07 | PR: 2755 | Dr. Stephen Henson | |
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reduce MTU after failed transmissions. [0.9.8 version of patch] | |||
2012-03-06 | return failure code if I/O error | Dr. Stephen Henson | |
2012-03-06 | revert PR#2755: it breaks compilation | Dr. Stephen Henson | |
2012-03-06 | PR: 2755 | Dr. Stephen Henson | |
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reduce MTU after failed transmissions. | |||
2012-03-06 | PR: 2696 Submitted by: Rob Austein <sra@hactrn.net> | Dr. Stephen Henson | |
Fix inverted range problem in RFC3779 code. Thanks to Andrew Chi for generating test cases for this bug. [from HEAD] | |||
2012-03-06 | oops, revert unrelated patches | Dr. Stephen Henson | |
2012-03-06 | PR: 2748 | Dr. Stephen Henson | |
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix possible DTLS timer deadlock. | |||
2012-02-28 | Fix memory leak caused by race condition when creating public keys. | Dr. Stephen Henson | |
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug. | |||
2012-02-27 | free headers after use in error message | Dr. Stephen Henson | |
2012-02-27 | Detect symmetric crypto errors in PKCS7_decrypt. | Dr. Stephen Henson | |
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug. | |||
2012-02-23 | PR: 2711 | Dr. Stephen Henson | |
Submitted by: Tomas Mraz <tmraz@redhat.com> Tolerate bad MIME headers in parser. | |||
2012-01-18 | prepare for next version | Dr. Stephen Henson | |
2012-01-18 | prepare for release | Dr. Stephen Henson | |
2012-01-10 | fix warning | Dr. Stephen Henson | |
2012-01-04 | update for next version | Dr. Stephen Henson | |
2012-01-04 | prepare for 0.9.8s release | Dr. Stephen Henson | |
2012-01-04 | Fix double free in policy check code (CVE-2011-4109) | Dr. Stephen Henson | |
2012-01-04 | Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577) | Dr. Stephen Henson | |
2011-12-09 | x86-mont.pl: fix bug in integer-only squaring path [from HEAD]. | Andy Polyakov | |
PR: 2648 | |||
2011-12-02 | Fix ecdsatest.c. | Bodo Möller | |
Submitted by: Emilia Kasper | |||
2011-12-02 | Fix BIO_f_buffer(). | Bodo Möller | |
Submitted by: Adam Langley Reviewed by: Bodo Moeller | |||
2011-11-05 | ppc.pl: fix bug in bn_mul_comba4 [from HEAD]. | Andy Polyakov | |
PR: 2636 Submitted by: Charles Bryant | |||
2011-10-26 | PR: 2632 | Dr. Stephen Henson | |
Submitted by: emmanuel.azencot@bull.net Reviewed by: steve Return -1 immediately if not affine coordinates as BN_CTX has not been set up. | |||
2011-10-19 | BN_BLINDING multi-threading fix. | Bodo Möller | |
Submitted by: Emilia Kasper (Google) | |||
2011-10-09 | PR: 2482 | Dr. Stephen Henson | |
Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann. | |||
2011-09-23 | PR: 2606 | Dr. Stephen Henson | |
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de> Reviewed by: steve Handle timezones correctly in UTCTime. | |||
2011-09-05 | Fix memory leak on bad inputs. | Bodo Möller | |
2011-09-05 | Move OPENSSL_init declaration out of auto-generated code section | Bodo Möller | |
(it is not auto-generated). | |||
2011-09-02 | PR: 2576 | Dr. Stephen Henson | |
Submitted by: Doug Goldstein <cardoe@gentoo.org> Reviewed by: steve Include header file stdlib.h which is needed on some platforms to get getenv() declaration. | |||
2011-09-01 | PR: 2340 | Dr. Stephen Henson | |
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar> Reviewed by: steve Stop warnings if OPENSSL_NO_DGRAM is defined. | |||
2011-09-01 | make timing attack protection unconditional | Dr. Stephen Henson | |
2011-09-01 | PR: 2588 | Dr. Stephen Henson | |
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com> Reviewed by: steve Close file pointer. | |||
2011-07-20 | PR: 2559 | Dr. Stephen Henson | |
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS socket error bug | |||
2011-07-14 | PR: 2556 (partial) | Dr. Stephen Henson | |
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de> Reviewed by: steve Fix OID routines. Check on encoding leading zero rejection should start at beginning of encoding. Allow for initial digit when testing when to use BIGNUMs which can increase first value by 2 * 40. |