- Jun 05, 2014
-
-
Dr. Stephen Henson authored
A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server. Fixed by adding consistency check for DTLS fragments. Thanks to Jüri Aedla for reporting this issue.
-
Dr. Stephen Henson authored
-
- Jun 03, 2014
-
-
Libor Krystek authored
-
- Jun 02, 2014
-
-
David Benjamin authored
(cherry picked from commit 7d89b3bf42e4b4067371ab33ef7631434e41d1e4)
-
zhu qun-ying authored
PR#3286 (cherry picked from commit 71e95000afb2227fe5cac1c79ae884338bcd8d0b)
-
Sami Farin authored
PR#3302 (cherry picked from commit 9717f01951f976f76dd40a38d9fc7307057fa4c4)
-
- Jun 01, 2014
-
-
Matt Caswell authored
-
David Ramos authored
Delays the queue insertion until after the ssl3_setup_buffers() call due to use-after-free bug. PR#3362
-
Dr. Stephen Henson authored
(cherry picked from commit ea2bb861f0daaa20819bf9ac8c146f7593feacd4) Conflicts: apps/s_cb.c (cherry picked from commit 14dc83ca779e91a267701a1fb05b2bbcf2cb63c4)
-
Dr. Stephen Henson authored
Add TLS padding extension to SSL_OP_ALL so it is used with other "bugs" options and can be turned off. This replaces SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG which is an ancient option referring to SSLv2 and SSLREF. PR#3336
-
Dr. Stephen Henson authored
(cherry picked from commit 3009244d)
-
David Ramos authored
Make sure there is an extra 4 bytes for server done message when NETSCAPE_HANG_BUG is defined. PR#3361
-
David Ramos authored
PR#3313 (cherry picked from commit 7e2c6f7e)
-
- May 31, 2014
-
-
Dr. Stephen Henson authored
PR#3319 (cherry picked from commit 84691390eae86befd33c83721dacedb539ae34e6)
-
Dr. Stephen Henson authored
(cherry picked from commit 2c575907d2c8601a18716f718ce309ed4e1f1783)
-
- May 30, 2014
-
-
Hubert Kario authored
the verify app man page didn't describe the usage of attime option even though it was listed as a valid option in the -help message. This patch fixes this omission.
-
Hubert Kario authored
While the -help message references this option, the man page doesn't mention the -no_ecdhe option. This patch fixes this omission.
-
- May 29, 2014
-
-
Dr. Stephen Henson authored
PR#3249 (cherry picked from commit 8909bf20269035d295743fca559207ef2eb84eb3)
-
František Bořánek authored
PR#3278 (cherry picked from commit de56fe797081fc09ebd1add06d6e2df42a324fd5)
-
Martin Kaiser authored
(cherry picked from commit 3820fec3a09faecba7fe9912aa20ef7fcda8337b)
-
- May 27, 2014
-
-
Peter Mosmans authored
-
- May 26, 2014
-
-
Matt Caswell authored
-
- May 25, 2014
-
-
Matt Caswell authored
-
- May 24, 2014
-
-
Matt Caswell authored
-
- May 22, 2014
-
-
Mike Bland authored
Replaces the entire test with a trivial implementation when OPENSSL_NO_HEARTBEATS is defined.
-
- May 21, 2014
-
-
Matt Caswell authored
-
Dr. Stephen Henson authored
Use triple DES for certificate encryption if no-rc2 is specified. PR#3357 (cherry picked from commit 4689c08453e95eeefcc88c9f32dc6e509f95caff)
-
Dr. Stephen Henson authored
PR#3357 (cherry picked from commit ca3ffd9670f2b589bf8cc04923f953e06d6fbc58)
-
- May 20, 2014
-
-
Dr. Stephen Henson authored
(cherry picked from commit dcca7b13)
-
- May 19, 2014
-
-
Janpopan authored
-
Ben Laurie authored
-
Mike Bland authored
Regression test against CVE-2014-0160 (Heartbleed). More info: http://mike-bland.com/tags/heartbleed.html (based on commit 35cb55988b75573105eefd00d27d0138eebe40b1)
-
Ben Laurie authored
-
Ben Laurie authored
-
- May 15, 2014
-
-
Matt Caswell authored
Moved note about lack of support for AEAD modes out of BUGS section to SUPPORTED CIPHERS section (bug has been fixed, but still no support for AEAD)
-
Dr. Stephen Henson authored
-
- May 14, 2014
-
-
Jeffrey Walton authored
-
Jeffrey Walton authored
-
Michal Bozon authored
-
- May 12, 2014
-
-
Kurt Roeckx authored
-