Skip to content
  1. Mar 11, 2015
  2. Mar 10, 2015
    • Emilia Kasper's avatar
      Harmonize return values in dtls1_buffer_record · 0c14565c
      Emilia Kasper authored
      
      
      Ensure all malloc failures return -1.
      
      Reported by Adam Langley (Google).
      
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      (cherry picked from commit 06c6a2b4)
      0c14565c
    • Richard Godbee's avatar
      BIO_debug_callback: Fix output on 64-bit machines · 5a9e9669
      Richard Godbee authored
      
      
      BIO_debug_callback() no longer assumes the hexadecimal representation of
      a pointer fits in 8 characters.
      
      Signed-off-by: default avatarRichard Levitte <levitte@openssl.org>
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      (cherry picked from commit 460e920d)
      5a9e9669
    • Matt Caswell's avatar
      Prevent handshake with unseeded PRNG · 2b31fcc0
      Matt Caswell authored
      
      
      Fix security issue where under certain conditions a client can complete a
      handshake with an unseeded PRNG. The conditions are:
      - Client is on a platform where the PRNG has not been seeded, and the
      user has not seeded manually
      - A protocol specific client method version has been used (i.e. not
      SSL_client_methodv23)
      - A ciphersuite is used that does not require additional random data
      from the PRNG beyond the initial ClientHello client random
      (e.g. PSK-RC4-SHA)
      
      If the handshake succeeds then the client random that has been used will
      have been generated from a PRNG with insufficient entropy and therefore
      the output may be predictable.
      
      For example using the following command with an unseeded openssl will
      succeed on an unpatched platform:
      
      openssl s_client -psk 1a2b3c4d -tls1_2 -cipher PSK-RC4-SHA
      
      CVE-2015-0285
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      (cherry picked from commit e1b568dd)
      2b31fcc0
  3. Mar 09, 2015
  4. Mar 08, 2015
  5. Mar 07, 2015
  6. Mar 06, 2015
  7. Mar 05, 2015
  8. Mar 02, 2015
  9. Feb 27, 2015
  10. Feb 26, 2015
  11. Feb 25, 2015
  12. Feb 24, 2015
  13. Feb 22, 2015
  14. Feb 13, 2015
  15. Feb 12, 2015