wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
12118 commits 20 branches 302 tags 153 MiB
Commit graph

124 commits

Author SHA1 Message Date
Matt Caswell
248808c840 Update CHANGES and NEWS for new release 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-03-01 11:48:43 +00:00
Viktor Dukhovni
bc38a7d2d3 Disable EXPORT and LOW SSLv3+ ciphers by default 
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2016-03-01 11:20:35 +00:00
Viktor Dukhovni
9dfd2be8a1 Disable SSLv2 default build, default negotiation and weak ciphers. 
SSLv2 is by default disabled at build-time.  Builds that are not
configured with "enable-ssl2" will not support SSLv2.  Even if
"enable-ssl2" is used, users who want to negotiate SSLv2 via the
version-flexible SSLv23_method() will need to explicitly call either
of:

    SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);
or
    SSL_clear_options(ssl, SSL_OP_NO_SSLv2);

as appropriate.  Even if either of those is used, or the application
explicitly uses the version-specific SSLv2_method() or its client
or server variants, SSLv2 ciphers vulnerable to exhaustive search
key recovery have been removed.  Specifically, the SSLv2 40-bit
EXPORT ciphers, and SSLv2 56-bit DES are no longer available.

Mitigation for CVE-2016-0800

Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2016-03-01 11:20:10 +00:00
Matt Caswell
22d192f106 Prepare for 1.0.2g-dev 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-01-28 13:58:24 +00:00
Matt Caswell
95605f3ae1 Prepare for 1.0.2f release 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-01-28 13:57:22 +00:00
Matt Caswell
f26a179abc Update CHANGES and NEWS for release 
Add details about the latest issues into CHANGES and NEWS ready for the
next release.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-01-28 13:49:56 +00:00
Matt Caswell
8a27243c7b Prepare for 1.0.2f-dev 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-12-03 14:45:41 +00:00
Matt Caswell
bfe07df40c Prepare for 1.0.2e release 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-12-03 14:44:31 +00:00
Matt Caswell
9330fbd07f Update CHANGES and NEWS 
Update the CHANGES and NEWS files for the new release.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-12-03 14:32:05 +00:00
Matt Caswell
a7ef1e9072 Prepare for 1.0.2e-dev 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-07-09 13:18:51 +01:00
Matt Caswell
33dd083206 Prepare for 1.0.2d release 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-07-09 13:03:09 +01:00
Matt Caswell
5627e0f77d Update CHANGES and NEWS for the new release 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-07-09 09:31:25 +01:00
Matt Caswell
54ae378c9e Prepare for 1.0.2d-dev 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-06-12 16:14:35 +01:00
Matt Caswell
0ee5fcde06 Prepare for 1.0.2c release 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-06-12 16:10:40 +01:00
Matt Caswell
d4c1763858 Updated CHANGES and NEWS entries for new release 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-06-12 15:56:51 +01:00
Matt Caswell
b6ed991731 Prepare for 1.0.2c-dev 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-06-11 14:59:37 +01:00
Matt Caswell
7b560c174d Prepare for 1.0.2b release 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-06-11 14:55:38 +01:00
Matt Caswell
ab17f6b746 Update CHANGES and NEWS 
Updates to CHANGES and NEWS to take account of the latest security fixes.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2015-06-11 14:52:39 +01:00
Matt Caswell
0d6d10d97d Prepare for 1.0.2b-dev 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-19 13:34:56 +00:00
Matt Caswell
3df69d3aef Prepare for 1.0.2a release 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-19 13:31:16 +00:00
Matt Caswell
7b22e8d01f Update NEWS file 
Update the NEWS file with the latest entries from CHANGES ready for the
release.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-19 12:58:35 +00:00
Matt Caswell
128b271c8d Fix discrepancy in NEWS file 
There was a discrepancy between the 1.0.2 version of NEWS and the 1.0.1
version. This fixes it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-19 12:58:35 +00:00
Matt Caswell
d6e903d188 Remove overlapping CHANGES/NEWS entries 
Remove entries from CHANGES and NEWS from letter releases that occur *after*
the next point release. Without this we get duplicate entries for the same
issue appearing multiple times.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-19 12:58:35 +00:00
Matt Caswell
06aab26874 Prepare for 1.0.2a-dev 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-01-22 16:16:24 +00:00
Matt Caswell
4ac0329582 Prepare for 1.0.2 release 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-01-22 16:12:26 +00:00
Matt Caswell
25fc5ac48a NEWS update 
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
 2015-01-22 14:49:24 +00:00
Matt Caswell
010d37621d Updates to NEWS file 
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
 2014-10-15 08:54:27 -04:00
Matt Caswell
5e60396fe7 Added 1.0.1i CHANGES and NEWS updates 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-09-25 21:29:25 +01:00
Dr. Stephen Henson
74360af359 Update NEWS. 2014-06-07 15:27:23 +01:00
Dr. Stephen Henson
363dede7a5 Update NEWS. 2014-04-07 21:32:56 +01:00
Dr. Stephen Henson
43866bd6fc update NEWS 2014-04-07 19:29:04 +01:00
Dr. Stephen Henson
251c47001b update NEWS with v3_scts.c issue 2014-02-25 15:08:45 +00:00
Dr. Stephen Henson
7101fd705c update NEWS 2014-02-25 13:56:40 +00:00
Dr. Stephen Henson
6a6e08960e Update NEWS with known issue. 2014-02-24 16:31:44 +00:00
Dr. Stephen Henson
1d6af3d430 update NEWS 2014-01-09 22:50:07 +00:00
Dr. Stephen Henson
a05a2c67ef Update NEWS. 2014-01-07 15:41:04 +00:00
Dr. Stephen Henson
04d6940436 update NEWS 2014-01-02 19:12:47 +00:00
Dr. Stephen Henson
d43b040773 Add release dates to NEWS 2013-12-10 00:08:33 +00:00
Bodo Moeller
1b9a59c36a Sync CHANGES and NEWS files. 2013-09-16 14:54:34 +02:00
Dr. Stephen Henson
25ec498dc7 update NEWS 2012-03-13 22:49:27 +00:00
Dr. Stephen Henson
02e22c35fe update NEWS 2012-02-21 14:21:32 +00:00
Dr. Stephen Henson
d9c3ba05e7 update NEWS 2012-01-02 16:31:46 +00:00
Dr. Stephen Henson
733394d6dd Add some entries for 1.0.1 in NEWS. 2011-10-10 00:27:52 +00:00
Dr. Stephen Henson
2de9558dea sync NEWS with 1.0.0 branch 2011-10-10 00:23:14 +00:00
Bodo Möller
8c93c4dd42 OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d) 
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
 2011-02-08 17:48:41 +00:00
Bodo Möller
45d63a5408 Synchronize with 1.0.0 branch 2011-02-08 08:48:34 +00:00
Bodo Möller
eed56c77b4 fix omission 2011-02-03 11:19:52 +00:00
Bodo Möller
346601bc32 CVE-2010-4180 fix (from OpenSSL_1_0_0-stable) 2011-02-03 10:42:00 +00:00
Dr. Stephen Henson
618265e645 Fix CVE-2010-1633 and CVE-2010-0742. 2010-06-01 13:17:06 +00:00
Dr. Stephen Henson
5b3a6eedd1 update NEWS 2010-05-27 15:05:01 +00:00