Commits · 0b1cf4a139b81727e19bb0c25775049ec787c444 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Mar 31, 2012

Dr. Stephen Henson authored Mar 31, 2012

Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com>

Time is always encoded as 4 bytes, not sizeof(Time).

0b1cf4a1

Mar 18, 2012
- Always use SSLv23_{client,server}_method in s_client.c and s_server.c, · a9101cdc
  Dr. Stephen Henson authored Mar 18, 2012
```
the old code came from SSLeay days before TLS was even supported.
```
  a9101cdc
Mar 12, 2012
- prepare for next version · e351e2a7
  Dr. Stephen Henson authored Mar 12, 2012
  
  e351e2a7
- corrected fix to PR#2711 and also cover mime_param_cmp · 21527624
  Dr. Stephen Henson authored Mar 12, 2012
  
  OpenSSL_0_9_8u
  
  21527624
- correct FAQ · ddb78328
  Dr. Stephen Henson authored Mar 12, 2012
  
  ddb78328
- prepare for release · 2fad41d1
  Dr. Stephen Henson authored Mar 12, 2012
  
  2fad41d1
- update NEWS · b9c3d916
  Dr. Stephen Henson authored Mar 12, 2012
  
  b9c3d916
- Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and · 4f2fc3c2
  Dr. Stephen Henson authored Mar 12, 2012
```
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
```
  4f2fc3c2
- fix error code · 48819f4d
  Dr. Stephen Henson authored Mar 12, 2012
  
  48819f4d
- manually patch missing part of PR#2756 · b0cbdd3e
  Dr. Stephen Henson authored Mar 12, 2012
  
  b0cbdd3e
Mar 09, 2012

PR: 2756 · 50161075

Dr. Stephen Henson authored Mar 09, 2012

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix DTLS timeout handling.

50161075

Mar 08, 2012
- check return value of BIO_write in PKCS7_decrypt · 25d5d15f
  Dr. Stephen Henson authored Mar 08, 2012
  
  25d5d15f
Mar 07, 2012

PR: 2755 · 725713f7

Dr. Stephen Henson authored Mar 07, 2012

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions. [0.9.8 version of patch]

725713f7

Mar 06, 2012
- return failure code if I/O error · 73eb0972
  Dr. Stephen Henson authored Mar 06, 2012
  
  73eb0972
- revert PR#2755: it breaks compilation · 6720779c
  Dr. Stephen Henson authored Mar 06, 2012
  
  6720779c
- PR: 2755 · b2a2c6af
  Dr. Stephen Henson authored Mar 06, 2012
```
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions.
```
  b2a2c6af
- PR: 2696 Submitted by: Rob Austein <sra@hactrn.net> · 272993ba
  Dr. Stephen Henson authored Mar 06, 2012
```
Fix inverted range problem in RFC3779 code.

Thanks to Andrew Chi for generating test cases for this bug.

[from HEAD]
```
  272993ba
- oops, revert unrelated patches · 58532ae0
  Dr. Stephen Henson authored Mar 06, 2012
  
  58532ae0
- PR: 2748 · 4e7f6d38
  Dr. Stephen Henson authored Mar 06, 2012
```
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix possible DTLS timer deadlock.
```
  4e7f6d38
Feb 28, 2012
- Fix memory leak cause by race condition when creating public keys. · f0be325f
  Dr. Stephen Henson authored Feb 28, 2012
```
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
```
  f0be325f
Feb 27, 2012
- free headers after use in error message · b66af23a
  Dr. Stephen Henson authored Feb 27, 2012
  
  b66af23a
- Detect symmetric crypto errors in PKCS7_decrypt. · 29d0c13e
  Dr. Stephen Henson authored Feb 27, 2012
```
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
```
  29d0c13e
Feb 23, 2012

PR: 2711 · 8a4e81a2

Dr. Stephen Henson authored Feb 23, 2012

Submitted by: Tomas Mraz <tmraz@redhat.com>

Tolerate bad MIME headers in parser.

8a4e81a2

Feb 16, 2012
- Fix bug in CVE-2011-4619: check we have really received a client hello · 843fc7b6
  Dr. Stephen Henson authored Feb 16, 2012
```
before rejecting multiple SGC restarts.
```
  843fc7b6
Feb 11, 2012

PR: 2703 · 6dcb6bf1

Dr. Stephen Henson authored Feb 11, 2012

Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Fix some memory and resource leaks in CAPI ENGINE.

6dcb6bf1

PR: 2705 · 1061c3cb

Dr. Stephen Henson authored Feb 11, 2012

Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Only create ex_data indices once for CAPI engine.

1061c3cb

Jan 20, 2012
- fix Visual Studio 2010 warning [from HEAD] (original by appro) · 0d0f15d8
  Dr. Stephen Henson authored Jan 20, 2012
  
  0d0f15d8
Jan 18, 2012
- prepare for next version · a72ce942
  Dr. Stephen Henson authored Jan 18, 2012
  
  a72ce942
- update FAQ · f71d59c7
  Dr. Stephen Henson authored Jan 18, 2012
  
  OpenSSL_0_9_8t
  
  f71d59c7
- prepare for release · 3309f831
  Dr. Stephen Henson authored Jan 18, 2012
  
  3309f831
- update NEWS · 6cc5f194
  Dr. Stephen Henson authored Jan 18, 2012
  
  6cc5f194
- Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. · 096327a9
  Dr. Stephen Henson authored Jan 18, 2012
```
Thanks to Antonio Martin, Enterprise Secure Access Research and
Development, Cisco Systems, Inc. for discovering this bug and
preparing a fix. (CVE-2012-0050)
```
  096327a9
Jan 17, 2012
- fix CHANGES entry · cc10bcf2
  Dr. Stephen Henson authored Jan 17, 2012
  
  cc10bcf2
Jan 10, 2012
- fix warning · 875ac0ec
  Dr. Stephen Henson authored Jan 10, 2012
  
  875ac0ec
Jan 05, 2012
- Fix usage indentation · bf240f06
  Bodo Möller authored Jan 05, 2012
  
  bf240f06
- Fix for builds without DTLS support. · dd016b05
  Bodo Möller authored Jan 05, 2012
```
Submitted by: Brian Carlstrom
```
  dd016b05
Jan 04, 2012
- update for next version · 24478846
  Dr. Stephen Henson authored Jan 04, 2012
  
  24478846
- update FAQ · a9580833
  Dr. Stephen Henson authored Jan 04, 2012
  
  OpenSSL_0_9_8s
  
  a9580833
- prepare for 0.9.8s release · b3cebd5a
  Dr. Stephen Henson authored Jan 04, 2012
  
  b3cebd5a
- update NEWS · 7b775145
  Dr. Stephen Henson authored Jan 04, 2012
  
  7b775145