Commits · 16ec56f0cd6337a2506dce4a1e7ef91e0b7ecb76 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL · GitLab

WARNING! Gitlab maintenance operation scheduled for Saturday, 27 September 2025, from 07:00 AM to 4:00 PM GMT (09:00 AM to 6:00 PM CEST)

Sep 21, 2016
- Updates CHANGES and NEWS for new release · 16ec56f0
  Matt Caswell authored Sep 21, 2016
  16ec56f0
- Avoid KCI attack for GOST · ab650f07
  Dmitry Belyavsky authored Sep 19, 2016
  ab650f07
- Fix OCSP Status Request extension unbounded memory growth · 2c0d295e
  Matt Caswell authored Sep 09, 2016
  2c0d295e
- update default dependency options · 151adf2e
  Dr. Stephen Henson authored Sep 21, 2016
  151adf2e
- Make message buffer slightly larger than message. · bb1a4866
  Dr. Stephen Henson authored Sep 21, 2016
  bb1a4866
- Use SSL3_HM_HEADER_LENGTH instead of 4. · 8289755d
  Dr. Stephen Henson authored Sep 21, 2016
  8289755d
- Remove unnecessary check. · aa388af1
  Dr. Stephen Henson authored Sep 21, 2016
  aa388af1
- Fix small OOB reads. · 52e623c4
  Dr. Stephen Henson authored Sep 17, 2016
  52e623c4
Aug 26, 2016
- Fix SSL_export_keying_material() for DTLS1_BAD_VER · 515a0105
  David Woodhouse authored Jul 08, 2016
  515a0105
Aug 24, 2016
- Avoid overflow in MDC2_Update() · 2b4029e6
  Dr. Stephen Henson authored Aug 19, 2016
  2b4029e6
- SWEET32 (CVE-2016-2183): Move DES from HIGH to MEDIUM · e95f5e03
  Rich Salz authored Aug 18, 2016
  e95f5e03
Aug 23, 2016
- Sanity check ticket length. · 1bbe48ab
  Dr. Stephen Henson authored Aug 23, 2016
  1bbe48ab
Aug 22, 2016
- Fix overflow check in BN_bn2dec() · 3612ff6f
  Kazuki Yamaguchi authored Aug 22, 2016
  3612ff6f
- Prevent DTLS Finished message injection · cfd40fd3
  Matt Caswell authored Jun 30, 2016
  cfd40fd3
- Fix DTLS buffered message DoS attack · 00a4c142
  Matt Caswell authored Jun 30, 2016
  00a4c142
Aug 20, 2016
- Fix off by 1 in ASN1_STRING_set() · f3e01c8d
  Kurt Roeckx authored Aug 06, 2016
  f3e01c8d
Aug 19, 2016
- RT3940: For now, just document the issue. · 19fca4ca
  Rich Salz authored Aug 13, 2016
  19fca4ca
- Update function error code · 5802758e
  Matt Caswell authored Aug 17, 2016
  5802758e
- Fix DTLS replay protection · b77ab018
  Matt Caswell authored Jul 05, 2016
  b77ab018
- Fix DTLS unprocessed records bug · fa755697
  Matt Caswell authored Jul 05, 2016
  fa755697
Aug 16, 2016
- make update to have PEM_R_HEADER_TOO_LONG defined · 6c858db3
  Richard Levitte authored Aug 16, 2016
  6c858db3
Aug 15, 2016
- Limit reads in do_b2i_bio() · 17603dd9
  Dr. Stephen Henson authored Aug 15, 2016
  17603dd9
- Check for errors in BN_bn2dec() · 28a89639
  Dr. Stephen Henson authored Aug 05, 2016
  28a89639
- Check for errors in a2d_ASN1_OBJECT() · ff0571b1
  Dr. Stephen Henson authored Aug 05, 2016
  ff0571b1
Aug 05, 2016
- Sanity check input length in OPENSSL_uni2asc(). · 7a497981
  Dr. Stephen Henson authored Aug 05, 2016
  7a497981
- Leak fixes. · d23de0bb
  Dr. Stephen Henson authored Aug 05, 2016
  d23de0bb
Aug 04, 2016
- Return error when trying to print invalid ASN1 integer · 3c39313f
  Kurt Roeckx authored Jul 16, 2016
  3c39313f
- Limit recursion depth in old d2i_ASN1_bytes function · a199e0c3
  Dr. Stephen Henson authored Aug 04, 2016
  a199e0c3
- Check for overflows in i2d_ASN1_SET() · 6592de7c
  Dr. Stephen Henson authored Aug 04, 2016
  6592de7c
Aug 03, 2016
- Calculate sequence length properly. · 5db2a579
  Dr. Stephen Henson authored Aug 02, 2016
  5db2a579
Aug 02, 2016
- include <limits.h> · c648bdcc
  Dr. Stephen Henson authored Aug 02, 2016
  c648bdcc
- Check for overflows in ASN1_object_size(). · 7149c709
  Dr. Stephen Henson authored Aug 02, 2016
  7149c709
- Check for overlows and error return from ASN1_object_size() · e3db6f1c
  Dr. Stephen Henson authored Aug 02, 2016
  e3db6f1c
Jul 22, 2016
- Fix OOB read in TS_OBJ_print_bio(). · 6adf409c
  Dr. Stephen Henson authored Jul 21, 2016
  6adf409c
Jun 30, 2016
- Convert memset calls to OPENSSL_cleanse · beaa2c03
  Matt Caswell authored Jun 24, 2016
  beaa2c03
Jun 29, 2016
- Allow proxy certs to be present when verifying a chain · 08327bfb
  Richard Levitte authored Jun 19, 2016
  08327bfb
- Fix proxy certificate pathlength verification · f7c95287
  Richard Levitte authored Jun 19, 2016
  f7c95287
- Check that the subject name in a proxy cert complies to RFC 3820 · 26576cf9
  Richard Levitte authored Jun 19, 2016
  26576cf9
Jun 27, 2016
- Change usage of RAND_pseudo_bytes to RAND_bytes · 05200ee5
  Matt Caswell authored Apr 25, 2016
  05200ee5
Jun 07, 2016
- More fix DSA, preserve BN_FLG_CONSTTIME · 3681a455
  Matt Caswell authored Jun 07, 2016
  3681a455