- Apr 14, 2015
-
-
Matt Caswell authored
The ClientHello processing is insufficiently rigorous in its checks to make sure that we don't read past the end of the message. This does not have security implications due to the size of the underlying buffer - but still needs to be fixed. With thanks to Qinghao Tang for reporting this issue. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit c9642eb1ff79a30e2c7632ef8267cc34cc2b0d79)
-
- Apr 10, 2015
-
-
Dr. Stephen Henson authored
While *pval is usually a pointer in rare circumstances it can be a long value. One some platforms (e.g. WIN64) where sizeof(long) < sizeof(ASN1_VALUE *) this will write past the field. *pval is initialised correctly in the rest of ASN1_item_ex_new so setting it to NULL is unecessary anyway. Thanks to Julien Kauffmann for reporting this issue. Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit f617b496) Conflicts: crypto/asn1/tasn_new.c
-
- Mar 24, 2015
-
-
Dr. Stephen Henson authored
If a set of certificates is supplied to OCSP_basic_verify use those in addition to any present in the OCSP response as untrusted CAs when verifying a certificate chain. PR#3668 Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 4ca5efc2)
-
- Mar 19, 2015
-
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Fix some unsigned/signed warnings introduced as part of the fix for CVE-2015-0293 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Reported by the LibreSSL project as a follow on to CVE-2015-0209 Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Update the NEWS file with the latest entries from CHANGES ready for the release. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Update CHANGES fiel with all the latest fixes ready for the release. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Remove entries from CHANGES and NEWS from letter releases that occur *after* the next point release. Without this we get duplicate entries for the same issue appearing multiple times. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Emilia Kasper authored
This assert is reachable for servers that support SSLv2 and export ciphers. Therefore, such servers can be DoSed by sending a specially crafted SSLv2 CLIENT-MASTER-KEY. Also fix s2_srvr.c to error out early if the key lengths are malformed. These lengths are sent unencrypted, so this does not introduce an oracle. CVE-2015-0293 This issue was discovered by Sean Burford (Google) and Emilia Käsper of the OpenSSL development team. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Emilia Kasper authored
In PKCS#7, the ASN.1 content component is optional. This typically applies to inner content (detached signatures), however we must also handle unexpected missing outer content correctly. This patch only addresses functions reachable from parsing, decryption and verification, and functions otherwise associated with reading potentially untrusted data. Correcting all low-level API calls requires further work. CVE-2015-0289 Thanks to Michal Zalewski (Google) for reporting this issue. Reviewed-by: Steve Henson <steve@openssl.org>
-
Dr. Stephen Henson authored
Fix segmentation violation when ASN1_TYPE_cmp is passed a boolean type. This can be triggered during certificate verification so could be a DoS attack against a client or a server enabling client authentication. CVE-2015-0286 Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Mar 18, 2015
-
-
Dr. Stephen Henson authored
CVE-2015-0287 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
- Mar 12, 2015
-
-
Dr. Stephen Henson authored
When printing out an ASN.1 structure if the type is an item template don't fall thru and attempt to interpret as a primitive type. Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 5dc1247a)
-
- Mar 11, 2015
-
-
Matt Caswell authored
Cleanse various intermediate buffers used by the PRF (backported version from master). Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit 35fafc4d) Conflicts: ssl/s3_enc.c Conflicts: ssl/t1_enc.c
-
- Mar 09, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Mar 08, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit d6ca1cee) Conflicts: ssl/ssl_locl.h
-
Dr. Stephen Henson authored
Fix compiler warnings (similar to commit 25012d5e ) Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
New function ASN1_STRING_clear_free which cleanses an ASN1_STRING structure before freeing it. Call ASN1_STRING_clear_free on PKCS#8 private key components. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit a8ae0891) Conflicts: crypto/dh/dh_ameth.c
-
- Mar 07, 2015
-
-
Kurt Roeckx authored
They are moved to the COMPLEMENTOFDEFAULT instead. This also fixes SSLv2 to be part of COMPLEMENTOFDEFAULT. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit bc2e18a3)
-
- Mar 06, 2015
-
-
Matt Caswell authored
Make the output from mkerr.pl consistent with the newly reformatted code. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Mar 02, 2015
-
-
Dr. Stephen Henson authored
CVE-2015-0288 PR#3708 Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 28a00bcd)
-
Dr. Stephen Henson authored
The format script didn't correctly recognise some ASN.1 macros and didn't reformat some files as a result. Fix script and reformat affected files. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 437b14b5)
-
- Feb 25, 2015
-
-
Matt Caswell authored
Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@chromium.org> CVE-2015-0209 Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
- Feb 24, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 384dee51)
-
- Feb 09, 2015
-
-
Andy Polyakov authored
Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 84903716)
-
Andy Polyakov authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 7ce38623)
-
- Feb 06, 2015
-
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit ae632974)
-
- Feb 05, 2015
-
-
Rich Salz authored
Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 7e35f06e)
-
- Feb 04, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 6922ddee)
-
- Feb 03, 2015
-
-
Dr. Stephen Henson authored
PR:3683 Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 52e028b9)
-
- Jan 22, 2015
-
-
Matt Caswell authored
Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit d3b7cac4)
-
Matt Caswell authored
Reviewed-by: Andy Polyakov <appro@openssl.org> Conflicts: crypto/pem/pem.h
-
Matt Caswell authored
This should be a one off operation (subsequent invokation of the script should not move them) This commit is for the 1.0.0 changes Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-