- May 10, 2012
-
-
Dr. Stephen Henson authored
to fix DoS attack. Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing as a service testing platform. (CVE-2012-2333)
-
Dr. Stephen Henson authored
Make sure tkeylen is initialised properly when encrypting CMS messages.
-
- May 04, 2012
-
-
Richard Levitte authored
-
- Apr 27, 2012
-
-
Andy Polyakov authored
of digest algorithms, mosty SHA, on Power7. Mystery of century, why SHA, why slower algorithm are affected more... [from HEAD]. PR: 2794 Submitted by: Ashley Lai
-
- Apr 22, 2012
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Apr 19, 2012
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer in CRYPTO_realloc_clean. Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
-
Andy Polyakov authored
PR: 2793
-
- Apr 16, 2012
-
-
Andy Polyakov authored
PR: 2791 Submitted by: Ben Noordhuis
-
Andy Polyakov authored
PR: 2790 Submitted by: Alexei Khlebnikov
-
- Apr 15, 2012
-
-
Andy Polyakov authored
PR: 2538
-
- Apr 10, 2012
-
-
Dr. Stephen Henson authored
-
- Mar 31, 2012
-
-
Dr. Stephen Henson authored
Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com> Time is always encoded as 4 bytes, not sizeof(Time).
-
- Mar 29, 2012
-
-
Andy Polyakov authored
PR: 2776
-
- Mar 22, 2012
-
-
Dr. Stephen Henson authored
Fix memory leaks in 'goto err' cases.
-
- Mar 18, 2012
-
-
Dr. Stephen Henson authored
the old code came from SSLeay days before TLS was even supported.
-
- Mar 14, 2012
-
-
Richard Levitte authored
-
- Mar 13, 2012
-
-
Andy Polyakov authored
[from HEAD,1.0.1]
-
Andy Polyakov authored
PR: 2435,2440
-
- Mar 12, 2012
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
continue with symmetric decryption process to avoid leaking timing information to an attacker. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this issue. (CVE-2012-0884)
-
- Mar 09, 2012
-
-
Dr. Stephen Henson authored
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix DTLS timeout handling.
-
- Mar 08, 2012
-
-
Dr. Stephen Henson authored
-
- Mar 06, 2012
-
-
Dr. Stephen Henson authored
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reduce MTU after failed transmissions.
-
Dr. Stephen Henson authored
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix possible DTLS timer deadlock.
-
- Mar 03, 2012
-
-
Andy Polyakov authored
-
- Feb 29, 2012
-
-
Dr. Stephen Henson authored
Reported by: Dmitry Belyavsky <beldmit@gmail.com> Fix memory leak if invalid GOST MAC key given.
-
Dr. Stephen Henson authored
Reported by: Dmitry Belyavsky <beldmit@gmail.com> If resigning with detached content in CMS just copy data across.
-
- Feb 28, 2012
-
-
Dr. Stephen Henson authored
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
-
- Feb 27, 2012
-
-
Dr. Stephen Henson authored
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr> Preserve unused bits value in non-canonicalised ASN1_STRING structures by using ASN1_STRING_copy which preseves flags.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Submitted by: Remi Gacogne <rgacogne-bugs@coredump.fr> Fix double free in PKCS12_parse if we run out of memory.
-