Commits · c830c1a209b7159c21a4c609623ee1c723d1f5c9 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

28 Sep, 2006 2 commits

Prepare for 0.9.7l release · c830c1a2
Mark J. Cox authored Sep 28, 2006

OpenSSL_0_9_7l

c830c1a2

Introduce limits to prevent malicious keys being able to · b2139664

Mark J. Cox authored Sep 28, 2006

cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]

b2139664

22 Sep, 2006 2 commits
- Fix from HEAD. · 8db3f4ac
  Dr. Stephen Henson authored Sep 22, 2006
  
  8db3f4ac
- Fix from head. · 4ebd255a
  Dr. Stephen Henson authored Sep 22, 2006
  
  4ebd255a
19 Sep, 2006 1 commit
- Ensure that the addition mods[i]+delta cannot overflow in probable_prime(). · d9d29446
  Bodo Möller authored Sep 19, 2006
```
[Problem pointed out by Adam Young <adamy (at) acm.org>]
```
  d9d29446
12 Sep, 2006 1 commit
- Backport from HEAD: fix ciphersuite selection · ea43804b
  Bodo Möller authored Sep 12, 2006
  
  ea43804b
06 Sep, 2006 1 commit
- make consistent with 0.9.8-branch version of this file · c2293d2e
  Bodo Möller authored Sep 06, 2006
  
  c2293d2e
05 Sep, 2006 4 commits
- Don't forget to put back the -dev · e8723988
  Mark J. Cox authored Sep 05, 2006
  
  e8723988
- Bump for 0.9.7l-dev · 60bee5d4
  Mark J. Cox authored Sep 05, 2006
  
  60bee5d4
- Prepare 0.9.7k release · 975a7a48
  Mark J. Cox authored Sep 05, 2006
  
  OpenSSL_0_9_7k
  
  975a7a48
- Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher · ffa04072
  Mark J. Cox authored Sep 05, 2006
```
(CVE-2006-4339)  [Ben Laurie and Google Security Team]

Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
```
  ffa04072
31 Aug, 2006 1 commit
- Update from HEAD. · 6f414aef
  Dr. Stephen Henson authored Aug 31, 2006
  
  6f414aef
13 Jul, 2006 1 commit
- Fix from HEAD. Except we can't stream multipart/signed in 0.9.7 so that case · 45e33ebe
  Dr. Stephen Henson authored Jul 13, 2006
```
still rewinds the stream.
```
  45e33ebe
09 Jul, 2006 1 commit
- Fix from HEAD. · 0f562e2a
  Dr. Stephen Henson authored Jul 09, 2006
  
  0f562e2a
30 Jun, 2006 2 commits
- documentation for "HIGH" vs. "MEDIUM" was not up-to-date · ae268485
  Bodo Möller authored Jun 30, 2006
  
  ae268485
- use <poll.h> as by Single Unix Specification · feee55c6
  Bodo Möller authored Jun 30, 2006
  
  feee55c6
28 Jun, 2006 2 commits
- always read if we can't use select because of a too large FD · 81edd235
  Bodo Möller authored Jun 28, 2006
```
(it's non-blocking mode anyway)
```
  81edd235
- Mitigate the hazard of cache-collision timing attack on last round · 23c13189
  Andy Polyakov authored Jun 28, 2006
```
[from HEAD].
```
  23c13189
27 Jun, 2006 1 commit
- Use poll() when possible to gather Unix randomness entropy · bdd00f8c
  Richard Levitte authored Jun 27, 2006
  
  bdd00f8c
23 Jun, 2006 1 commit
- Be more explicit about requirements for multi-threading. · 30c99d45
  Bodo Möller authored Jun 23, 2006
  
  30c99d45
21 Jun, 2006 1 commit
- Synchronise with the Unix build · e4a901b0
  Richard Levitte authored Jun 21, 2006
  
  e4a901b0
20 Jun, 2006 1 commit
- Place hex_to_string and string_to_hex in separate source file to avoid · e25a2423
  Dr. Stephen Henson authored Jun 20, 2006
```
dragging in extra dependencies when just these functions are used.
```
  e25a2423
16 Jun, 2006 1 commit
- Thread-safety fixes · 094c6aa5
  Bodo Möller authored Jun 16, 2006
  
  094c6aa5
14 Jun, 2006 2 commits
- Disable invalid ciphersuites · c098e8b6
  Bodo Möller authored Jun 14, 2006
  
  c098e8b6
- Thread-safety fixes · 019a63f9
  Bodo Möller authored Jun 14, 2006
  
  019a63f9
17 May, 2006 2 commits
- Fix from head. · 6651ac38
  Dr. Stephen Henson authored May 17, 2006
  
  6651ac38
- Fix from HEAD. · 0be0592e
  Dr. Stephen Henson authored May 17, 2006
  
  0be0592e
04 May, 2006 5 commits
- Update for next dev version. · a6fb8a82
  Dr. Stephen Henson authored May 04, 2006
  
  a6fb8a82
- Prepare for release · d26d2361
  Dr. Stephen Henson authored May 04, 2006
  
  OpenSSL_0_9_7j
  
  d26d2361
- make update · 3dcd6cf0
  Dr. Stephen Henson authored May 04, 2006
  
  3dcd6cf0
- Use new fips-1.0 directory in error library. · daaca57e
  Dr. Stephen Henson authored May 04, 2006
  
  daaca57e
- Update CHANGES. · 309d74c8
  Dr. Stephen Henson authored May 04, 2006
  
  309d74c8
24 Apr, 2006 1 commit
- Add new --with-baseaddr command line option to allow the FIPS base address of · 234f2f67
  Dr. Stephen Henson authored Apr 24, 2006
```
libeay32.dll to be explicitly specified.
```
  234f2f67
15 Apr, 2006 1 commit
- Check pbe2->keyfunc->parameter is not NULL before dereferencing. · d4e81773
  Dr. Stephen Henson authored Apr 15, 2006
```
PR: 1316
```
  d4e81773
07 Apr, 2006 2 commits
- Typos. · d366bf79
  Dr. Stephen Henson authored Apr 07, 2006
  
  d366bf79
- Link _chkstk.o from FIPSLIB_D. · 6c9cd652
  Dr. Stephen Henson authored Apr 07, 2006
  
  6c9cd652
03 Apr, 2006 1 commit
- Change chop to chomp when reading lines, so CRLF is properly processed on · dd4263d9
  Richard Levitte authored Apr 03, 2006
```
the operating systems where they are the normal line endings
```
  dd4263d9
31 Mar, 2006 2 commits
- Check flag before calling FIPS_dsa_check(). · f4e43726
  Dr. Stephen Henson authored Mar 31, 2006
  
  f4e43726
- Flag to allow use of DSA_METHOD in FIPS mode. · 6fa6e3e2
  Dr. Stephen Henson authored Mar 31, 2006
  
  6fa6e3e2
28 Mar, 2006 1 commit
- Update build system to make use of validated module in FIPS mode. · fcdf1d3f
  Dr. Stephen Henson authored Mar 28, 2006
  
  fcdf1d3f