Loading CHANGES +12 −9 Original line number Diff line number Diff line Loading @@ -4,6 +4,14 @@ Changes between 0.9.6h and 0.9.7 [XX xxx 2002] *) Change from security patch (see 0.9.6e below) that did not affect the 0.9.6 release series: Remote buffer overflow in SSL3 protocol - an attacker could supply an oversized master key in Kerberos-enabled versions. (CAN-2002-0657) [Ben Laurie (CHATS)] *) Change the SSL kerb5 codes to match RFC 2712. [Richard Levitte] Loading Loading @@ -1770,11 +1778,6 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k too small for 64 bit platforms. (CAN-2002-0655) [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)> *) Remote buffer overflow in SSL3 protocol - an attacker could supply an oversized master key in Kerberos-enabled versions. (CAN-2002-0657) [Ben Laurie (CHATS)] *) Remote buffer overflow in SSL3 protocol - an attacker could supply an oversized session ID to a client. (CAN-2002-0656) [Ben Laurie (CHATS)] Loading Loading @@ -1869,13 +1872,13 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k value is 0. [Richard Levitte] *) Add the configuration target linux-s390x. [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte] *) [In 0.9.6d-engine release:] Fix a crashbug and a logic bug in hwcrhk_load_pubkey(). [Toomas Kiisk <vix@cyber.ee> via Richard Levitte] *) Add the configuration target linux-s390x. [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte] *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag variable as an indication that a ClientHello message has been Loading Loading
CHANGES +12 −9 Original line number Diff line number Diff line Loading @@ -4,6 +4,14 @@ Changes between 0.9.6h and 0.9.7 [XX xxx 2002] *) Change from security patch (see 0.9.6e below) that did not affect the 0.9.6 release series: Remote buffer overflow in SSL3 protocol - an attacker could supply an oversized master key in Kerberos-enabled versions. (CAN-2002-0657) [Ben Laurie (CHATS)] *) Change the SSL kerb5 codes to match RFC 2712. [Richard Levitte] Loading Loading @@ -1770,11 +1778,6 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k too small for 64 bit platforms. (CAN-2002-0655) [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)> *) Remote buffer overflow in SSL3 protocol - an attacker could supply an oversized master key in Kerberos-enabled versions. (CAN-2002-0657) [Ben Laurie (CHATS)] *) Remote buffer overflow in SSL3 protocol - an attacker could supply an oversized session ID to a client. (CAN-2002-0656) [Ben Laurie (CHATS)] Loading Loading @@ -1869,13 +1872,13 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k value is 0. [Richard Levitte] *) Add the configuration target linux-s390x. [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte] *) [In 0.9.6d-engine release:] Fix a crashbug and a logic bug in hwcrhk_load_pubkey(). [Toomas Kiisk <vix@cyber.ee> via Richard Levitte] *) Add the configuration target linux-s390x. [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte] *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag variable as an indication that a ClientHello message has been Loading
