Commits · af094ed1248348ffc2d27a9d1a9b55ff04e6b35b · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Jan 19, 2007
- User cleaner way to handle new options for VC++ build. · af094ed1
  Dr. Stephen Henson authored Jan 19, 2007
  
  af094ed1
Jan 18, 2007
- Upadte from HEAD. · 83a38057
  Dr. Stephen Henson authored Jan 18, 2007
  
  83a38057
- Expanded boundary support for VC++ build. · 2af6370b
  Dr. Stephen Henson authored Jan 18, 2007
  
  2af6370b
- Expand security boundary to match 1.1.1 module. · eee04c54
  Dr. Stephen Henson authored Jan 18, 2007
  
  eee04c54
Jan 17, 2007
- Initial support for new build options under WIN32 and VC++. · f899ad27
  Dr. Stephen Henson authored Jan 17, 2007
  
  f899ad27
Jan 16, 2007
- Remove debugging echo. · ac0c3379
  Dr. Stephen Henson authored Jan 16, 2007
  
  ac0c3379
- Add options to allow fipscanister to be built and linked against internally. · 580b6004
  Dr. Stephen Henson authored Jan 16, 2007
  
  580b6004
- More fixes to build/fipsld to handle detached fips_premain.c detached sig. · e1a5486f
  Dr. Stephen Henson authored Jan 16, 2007
  
  e1a5486f
- Remove deleted fipshashes.[co] from Makefile. · caf8fc0b
  Dr. Stephen Henson authored Jan 16, 2007
  
  caf8fc0b
- $(FIPSCHECK) no longer used. · 03957951
  Dr. Stephen Henson authored Jan 16, 2007
  
  03957951
- Update .cvsignore. · 88490fb4
  Dr. Stephen Henson authored Jan 16, 2007
  
  88490fb4
- Update .cvsignore · 5bb0216e
  Dr. Stephen Henson authored Jan 16, 2007
  
  5bb0216e
- Use correct perl script name in mkfipsscr.pl output. · dbb75190
  Dr. Stephen Henson authored Jan 16, 2007
  
  dbb75190
- Update fipsld to use external signature for fips_premain.c . Update build system · 18051aa8
  Dr. Stephen Henson authored Jan 16, 2007
```
remove redundant source file hash checks.
```
  18051aa8
- Don't use deprecated -mcpu option. · 22f531f5
  Dr. Stephen Henson authored Jan 16, 2007
  
  22f531f5
Jan 15, 2007
- Oops... · 0ab595d6
  Dr. Stephen Henson authored Jan 15, 2007
  
  0ab595d6
- Perl script to build shell scripts and batch files to run algorithm test programs. · d107905b
  Dr. Stephen Henson authored Jan 15, 2007
  
  d107905b
Jan 14, 2007
- Make algorithm test programs tolerate whitespace in input files. · 7c4dd3fe
  Dr. Stephen Henson authored Jan 14, 2007
  
  7c4dd3fe
Jan 12, 2007
- Update to new home page · bdc778a7
  Lutz Jänicke authored Jan 12, 2007
  
  bdc778a7
Dec 07, 2006
- Remove 'done' variable since it stops error codes being reloaded. · 618def59
  Dr. Stephen Henson authored Dec 07, 2006
  
  618def59
Dec 06, 2006
- fix no-ssl2 build · 54a2631e
  Nils Larsch authored Dec 06, 2006
  
  54a2631e
Dec 04, 2006
- fix function names in RSAerr calls · 492a9070
  Nils Larsch authored Dec 04, 2006
```
PR: 1403
```
  492a9070
Nov 29, 2006
- fix support for receiving fragmented handshake messages · 9dc705a2
  Bodo Möller authored Nov 29, 2006
  
  9dc705a2
Nov 21, 2006
- Rebuild error source files. · ea474c56
  Dr. Stephen Henson authored Nov 21, 2006
  
  ea474c56
- Use error table to determine if errors should be loaded. · f6cdaa96
  Dr. Stephen Henson authored Nov 21, 2006
  
  f6cdaa96
Nov 13, 2006
- Fix from HEAD. · 0e5d87d7
  Dr. Stephen Henson authored Nov 13, 2006
  
  0e5d87d7
Sep 29, 2006
- Initialise ctx to NULL to avoid uninitialized free, noticed by · 055fa1c3
  Mark J. Cox authored Sep 29, 2006
```
Steve Kiernan
```
  055fa1c3
Sep 28, 2006

Oops, some changes forgotten... · 90a63277
Richard Levitte authored Sep 28, 2006

90a63277
After tagging, open up 0.9.7m-dev · 6b131d9c
Mark J. Cox authored Sep 28, 2006

6b131d9c
Prepare for 0.9.7l release · c830c1a2
Mark J. Cox authored Sep 28, 2006

OpenSSL_0_9_7l

c830c1a2

Introduce limits to prevent malicious keys being able to · b2139664

Mark J. Cox authored Sep 28, 2006

cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]

b2139664

Sep 22, 2006
- Fix from HEAD. · 8db3f4ac
  Dr. Stephen Henson authored Sep 22, 2006
  
  8db3f4ac
- Fix from head. · 4ebd255a
  Dr. Stephen Henson authored Sep 22, 2006
  
  4ebd255a
Sep 19, 2006
- Ensure that the addition mods[i]+delta cannot overflow in probable_prime(). · d9d29446
  Bodo Möller authored Sep 19, 2006
```
[Problem pointed out by Adam Young <adamy (at) acm.org>]
```
  d9d29446
Sep 12, 2006
- Backport from HEAD: fix ciphersuite selection · ea43804b
  Bodo Möller authored Sep 12, 2006
  
  ea43804b
Sep 06, 2006
- make consistent with 0.9.8-branch version of this file · c2293d2e
  Bodo Möller authored Sep 06, 2006
  
  c2293d2e
Sep 05, 2006
- Don't forget to put back the -dev · e8723988
  Mark J. Cox authored Sep 05, 2006
  
  e8723988
- Bump for 0.9.7l-dev · 60bee5d4
  Mark J. Cox authored Sep 05, 2006
  
  60bee5d4
- Prepare 0.9.7k release · 975a7a48
  Mark J. Cox authored Sep 05, 2006
  
  OpenSSL_0_9_7k
  
  975a7a48
- Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher · ffa04072
  Mark J. Cox authored Sep 05, 2006
```
(CVE-2006-4339)  [Ben Laurie and Google Security Team]

Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
```
  ffa04072