Commit 3cbb15ee authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

add CVE-2010-0742 and CVS-2010-1633 fixes

parent 2d060267
+10 −0
@@ -104,6 +104,12 @@
     whose return value is often ignored. 
     whose return value is often ignored. 
     [Steve Henson]
     [Steve Henson]
  
  
 Changes between 1.0.0 and 1.0.0a  [xx XXX xxxx]
  
  *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover 
     (CVE-2010-1633)
     [Steve Henson, Peter-Michael Hager <hager@dortmund.net>]

 Changes between 0.9.8n and 1.0.0  [xx XXX xxxx]
 Changes between 0.9.8n and 1.0.0  [xx XXX xxxx]


  *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
  *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
@@ -947,6 +953,10 @@
  
  
 Changes between 0.9.8n and 0.9.8o [xx XXX xxxx]
 Changes between 0.9.8n and 0.9.8o [xx XXX xxxx]


  *) Correct a typo in the CMS ASN1 module which can result in invalid memory
     access or freeing data twice (CVE-2010-0742)
     [Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]

  *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
  *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
     common in certificates and some applications which only call
     common in certificates and some applications which only call
     SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
     SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
+2 −0
@@ -7,6 +7,7 @@


  Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a:
  Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a:


      o Fix for security issue CVE-2010-1633.
      o GOST MAC and CFB fixes.
      o GOST MAC and CFB fixes.


  Major changes between OpenSSL 0.9.8n and OpenSSL 1.0:
  Major changes between OpenSSL 0.9.8n and OpenSSL 1.0:
@@ -34,6 +35,7 @@


  Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o:
  Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o:


      o Fix for security issue CVE-2010-0742.
      o Various DTLS fixes.
      o Various DTLS fixes.
      o Recognise SHA2 certificates if only SSL algorithms added.
      o Recognise SHA2 certificates if only SSL algorithms added.
      o Fix for no-rc4 compilation.
      o Fix for no-rc4 compilation.
+2 −2
@@ -131,8 +131,8 @@ ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
} ASN1_NDEF_SEQUENCE_END(CMS_SignedData)
} ASN1_NDEF_SEQUENCE_END(CMS_SignedData)


ASN1_SEQUENCE(CMS_OriginatorInfo) = {
ASN1_SEQUENCE(CMS_OriginatorInfo) = {
	ASN1_IMP_SET_OF_OPT(CMS_SignedData, certificates, CMS_CertificateChoices, 0),
	ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, certificates, CMS_CertificateChoices, 0),
	ASN1_IMP_SET_OF_OPT(CMS_SignedData, crls, CMS_RevocationInfoChoice, 1)
	ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
} ASN1_SEQUENCE_END(CMS_OriginatorInfo)
} ASN1_SEQUENCE_END(CMS_OriginatorInfo)


ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {
ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {
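Review bot: The corrected `certificates` and `crls` entries of CMS_OriginatorInfo carry no comment saying why the first macro argument matters, and none of the sections shown adds a decode test for a message that contains an OriginatorInfo. The structure name passed to `ASN1_IMP_SET_OF_OPT` is what the template uses to compute the field offset, so naming `CMS_SignedData` here compiled cleanly while directing the decoder to offsets in a different structure, which matches the invalid memory access and double free described in the CHANGES entry. I would add a comment above the sequence such as `/* first argument must name the enclosing structure: it fixes the field offsets */`. The other templates in this file are worth checking for the same copy-paste pattern, since the compiler cannot catch it when both structures have members of the same name.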
+2 −0
@@ -251,6 +251,8 @@ static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
			ret = int_rsa_verify(EVP_MD_type(rctx->md),
			ret = int_rsa_verify(EVP_MD_type(rctx->md),
						NULL, 0, rout, &sltmp,
						NULL, 0, rout, &sltmp,
					sig, siglen, ctx->pkey->pkey.rsa);
					sig, siglen, ctx->pkey->pkey.rsa);
			if (ret <= 0)
				return 0;
			ret = sltmp;
			ret = sltmp;
			}
			}
		else
		else
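Review bot: The new `if (ret <= 0) return 0;` maps every failure of int_rsa_verify, including any negative return, to 0, and it has no comment saying why the check is needed. Before this change `ret = sltmp;` ran unconditionally, so a failed verify could still report a recovered length taken from a value that int_rsa_verify may not have set. A comment such as `/* on failure rout and sltmp are not valid, so do not report a length */` would keep the check from being dropped in a later cleanup. It is also worth confirming that callers treat 0 as failure, and that the other branches of pkey_rsa_verifyrecover check their results before returning a length. Those branches, and the start and end of the function, are outside this hunk.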