Commits · 48819f4d545a16fbfd45a0eb22fb93e08a3a6096 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Mar 12, 2012
- fix error code · 48819f4d
  Dr. Stephen Henson authored Mar 12, 2012
  
  48819f4d
- manually patch missing part of PR#2756 · b0cbdd3e
  Dr. Stephen Henson authored Mar 12, 2012
  
  b0cbdd3e
Mar 09, 2012

PR: 2756 · 50161075

Dr. Stephen Henson authored Mar 09, 2012

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix DTLS timeout handling.

50161075

Mar 08, 2012
- check return value of BIO_write in PKCS7_decrypt · 25d5d15f
  Dr. Stephen Henson authored Mar 08, 2012
  
  25d5d15f
Mar 07, 2012

PR: 2755 · 725713f7

Dr. Stephen Henson authored Mar 07, 2012

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions. [0.9.8 version of patch]

725713f7

Mar 06, 2012
- return failure code if I/O error · 73eb0972
  Dr. Stephen Henson authored Mar 06, 2012
  
  73eb0972
- revert PR#2755: it breaks compilation · 6720779c
  Dr. Stephen Henson authored Mar 06, 2012
  
  6720779c
- PR: 2755 · b2a2c6af
  Dr. Stephen Henson authored Mar 06, 2012
```
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions.
```
  b2a2c6af
- PR: 2696 Submitted by: Rob Austein <sra@hactrn.net> · 272993ba
  Dr. Stephen Henson authored Mar 06, 2012
```
Fix inverted range problem in RFC3779 code.

Thanks to Andrew Chi for generating test cases for this bug.

[from HEAD]
```
  272993ba
- oops, revert unrelated patches · 58532ae0
  Dr. Stephen Henson authored Mar 06, 2012
  
  58532ae0
- PR: 2748 · 4e7f6d38
  Dr. Stephen Henson authored Mar 06, 2012
```
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix possible DTLS timer deadlock.
```
  4e7f6d38
Feb 28, 2012
- Fix memory leak cause by race condition when creating public keys. · f0be325f
  Dr. Stephen Henson authored Feb 28, 2012
```
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
```
  f0be325f
Feb 27, 2012
- free headers after use in error message · b66af23a
  Dr. Stephen Henson authored Feb 27, 2012
  
  b66af23a
- Detect symmetric crypto errors in PKCS7_decrypt. · 29d0c13e
  Dr. Stephen Henson authored Feb 27, 2012
```
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
```
  29d0c13e
Feb 23, 2012

PR: 2711 · 8a4e81a2

Dr. Stephen Henson authored Feb 23, 2012

Submitted by: Tomas Mraz <tmraz@redhat.com>

Tolerate bad MIME headers in parser.

8a4e81a2

Feb 16, 2012
- Fix bug in CVE-2011-4619: check we have really received a client hello · 843fc7b6
  Dr. Stephen Henson authored Feb 16, 2012
```
before rejecting multiple SGC restarts.
```
  843fc7b6
Feb 11, 2012

PR: 2703 · 6dcb6bf1

Dr. Stephen Henson authored Feb 11, 2012

Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Fix some memory and resource leaks in CAPI ENGINE.

6dcb6bf1

PR: 2705 · 1061c3cb

Dr. Stephen Henson authored Feb 11, 2012

Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Only create ex_data indices once for CAPI engine.

1061c3cb

Jan 20, 2012
- fix Visual Studio 2010 warning [from HEAD] (original by appro) · 0d0f15d8
  Dr. Stephen Henson authored Jan 20, 2012
  
  0d0f15d8
Jan 18, 2012
- prepare for next version · a72ce942
  Dr. Stephen Henson authored Jan 18, 2012
  
  a72ce942
- update FAQ · f71d59c7
  Dr. Stephen Henson authored Jan 18, 2012
  
  OpenSSL_0_9_8t
  
  f71d59c7
- prepare for release · 3309f831
  Dr. Stephen Henson authored Jan 18, 2012
  
  3309f831
- update NEWS · 6cc5f194
  Dr. Stephen Henson authored Jan 18, 2012
  
  6cc5f194
- Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. · 096327a9
  Dr. Stephen Henson authored Jan 18, 2012
```
Thanks to Antonio Martin, Enterprise Secure Access Research and
Development, Cisco Systems, Inc. for discovering this bug and
preparing a fix. (CVE-2012-0050)
```
  096327a9
Jan 17, 2012
- fix CHANGES entry · cc10bcf2
  Dr. Stephen Henson authored Jan 17, 2012
  
  cc10bcf2
Jan 10, 2012
- fix warning · 875ac0ec
  Dr. Stephen Henson authored Jan 10, 2012
  
  875ac0ec
Jan 05, 2012
- Fix usage indentation · bf240f06
  Bodo Möller authored Jan 05, 2012
  
  bf240f06
- Fix for builds without DTLS support. · dd016b05
  Bodo Möller authored Jan 05, 2012
```
Submitted by: Brian Carlstrom
```
  dd016b05
Jan 04, 2012
- update for next version · 24478846
  Dr. Stephen Henson authored Jan 04, 2012
  
  24478846
- update FAQ · a9580833
  Dr. Stephen Henson authored Jan 04, 2012
  
  OpenSSL_0_9_8s
  
  a9580833
- prepare for 0.9.8s release · b3cebd5a
  Dr. Stephen Henson authored Jan 04, 2012
  
  b3cebd5a
- update NEWS · 7b775145
  Dr. Stephen Henson authored Jan 04, 2012
  
  7b775145
- make update · 7183aa6b
  Dr. Stephen Henson authored Jan 04, 2012
  
  7183aa6b
- Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de> · eebefe35
  Dr. Stephen Henson authored Jan 04, 2012
```
Reviewed by: steve

Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.
```
  eebefe35
- Fix double free in policy check code (CVE-2011-4109) · 1db0bbdc
  Dr. Stephen Henson authored Jan 04, 2012
  
  1db0bbdc
- Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) · e643112d
  Dr. Stephen Henson authored Jan 04, 2012
  
  e643112d
- Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) · 21c4b259
  Dr. Stephen Henson authored Jan 04, 2012
  
  21c4b259
- stop warning · 41cf2c3a
  Dr. Stephen Henson authored Jan 04, 2012
  
  41cf2c3a
- Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577) · 0e3a930f
  Dr. Stephen Henson authored Jan 04, 2012
  
  0e3a930f
- Submitted by: Adam Langley <agl@chromium.org> · 0c214e01
  Dr. Stephen Henson authored Jan 04, 2012
```
Reviewed by: steve

Fix memory leaks.
```
  0c214e01