Bodo Möller
f7d2402cab
Fix Valgrind warning.
...
Submitted by: Adam Langley
2012-09-24 19:50:07 +00:00
Richard Levitte
afa0580cd5
Remove duplicate symbol in crypto/symhacks.h
...
Have the new names start in column 48, that makes it easy to see when
the 31 character limit is reached (on a 80 column display, do the math)
2012-07-05 09:06:20 +00:00
Dr. Stephen Henson
4baee3031c
PR: 2813
...
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>
Fix possible deadlock when decoding public keys.
2012-05-11 13:49:15 +00:00
Dr. Stephen Henson
db7a72b224
prepare for next version
2012-05-10 16:01:11 +00:00
Dr. Stephen Henson
f856173c43
prepare for 0.9.8x release
2012-05-10 14:36:07 +00:00
Dr. Stephen Henson
3978429ad5
Reported by: Solar Designer of Openwall
...
Make sure tkeylen is initialised properly when encrypting CMS messages.
2012-05-10 13:27:57 +00:00
Dr. Stephen Henson
e22e770147
prepare for next version
2012-04-23 21:15:22 +00:00
Dr. Stephen Henson
6dde222aae
prepare form 0.9.8w release
2012-04-23 20:45:29 +00:00
Dr. Stephen Henson
8d038a08fb
The fix for CVE-2012-2110 did not take into account that the
...
'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an
int in OpenSSL 0.9.8, making it still vulnerable. Fix by
rejecting negative len parameter.
Thanks to the many people who reported this bug and to Tomas Hoger
<thoger@redhat.com> for supplying the fix.
2012-04-23 20:35:55 +00:00
Dr. Stephen Henson
747c6ffda4
correct error code
2012-04-22 13:31:46 +00:00
Dr. Stephen Henson
eb7112c18e
prepare for next version
2012-04-19 17:03:28 +00:00
Dr. Stephen Henson
8ab27e6ef7
prepare for 0.9.8v release
2012-04-19 11:39:03 +00:00
Dr. Stephen Henson
556e27b14f
Check for potentially exploitable overflows in asn1_d2i_read_bio
...
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
2012-04-19 11:36:09 +00:00
Dr. Stephen Henson
e351e2a7cf
prepare for next version
2012-03-12 16:35:13 +00:00
Dr. Stephen Henson
215276243d
corrected fix to PR#2711 and also cover mime_param_cmp
2012-03-12 15:25:53 +00:00
Dr. Stephen Henson
2fad41d155
prepare for release
2012-03-12 14:53:14 +00:00
Dr. Stephen Henson
4f2fc3c2dd
Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and
...
continue with symmetric decryption process to avoid leaking timing
information to an attacker.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
2012-03-12 14:51:45 +00:00
Dr. Stephen Henson
25d5d15fd5
check return value of BIO_write in PKCS7_decrypt
2012-03-08 14:01:44 +00:00
Dr. Stephen Henson
725713f74a
PR: 2755
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reduce MTU after failed transmissions. [0.9.8 version of patch]
2012-03-07 15:14:16 +00:00
Dr. Stephen Henson
73eb0972cf
return failure code if I/O error
2012-03-06 19:08:30 +00:00
Dr. Stephen Henson
6720779c7e
revert PR#2755: it breaks compilation
2012-03-06 18:25:33 +00:00
Dr. Stephen Henson
b2a2c6af2a
PR: 2755
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reduce MTU after failed transmissions.
2012-03-06 13:45:47 +00:00
Dr. Stephen Henson
272993bac4
PR: 2696 Submitted by: Rob Austein <sra@hactrn.net>
...
Fix inverted range problem in RFC3779 code.
Thanks to Andrew Chi for generating test cases for this bug.
[from HEAD]
2012-03-06 13:37:52 +00:00
Dr. Stephen Henson
58532ae047
oops, revert unrelated patches
2012-03-06 13:22:32 +00:00
Dr. Stephen Henson
4e7f6d380d
PR: 2748
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix possible DTLS timer deadlock.
2012-03-06 13:20:20 +00:00
Dr. Stephen Henson
f0be325f88
Fix memory leak cause by race condition when creating public keys.
...
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-28 14:47:36 +00:00
Dr. Stephen Henson
b66af23aa9
free headers after use in error message
2012-02-27 16:26:32 +00:00
Dr. Stephen Henson
29d0c13e97
Detect symmetric crypto errors in PKCS7_decrypt.
...
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-27 15:23:20 +00:00
Dr. Stephen Henson
8a4e81a269
PR: 2711
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Tolerate bad MIME headers in parser.
2012-02-23 21:50:13 +00:00
Dr. Stephen Henson
a72ce94213
prepare for next version
2012-01-18 14:27:13 +00:00
Dr. Stephen Henson
3309f8313c
prepare for release
2012-01-18 13:14:49 +00:00
Dr. Stephen Henson
875ac0ec00
fix warning
2012-01-10 14:37:00 +00:00
Dr. Stephen Henson
244788464a
update for next version
2012-01-04 23:56:13 +00:00
Dr. Stephen Henson
b3cebd5acf
prepare for 0.9.8s release
2012-01-04 19:20:49 +00:00
Dr. Stephen Henson
1db0bbdc76
Fix double free in policy check code (CVE-2011-4109)
2012-01-04 19:00:28 +00:00
Dr. Stephen Henson
0e3a930fb4
Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577)
2012-01-04 18:44:20 +00:00
Andy Polyakov
2ee77d36a0
x86-mont.pl: fix bug in integer-only squaring path [from HEAD].
...
PR: 2648
2011-12-09 14:28:48 +00:00
Bodo Möller
72033fde7b
Fix ecdsatest.c.
...
Submitted by: Emilia Kasper
2011-12-02 12:40:25 +00:00
Bodo Möller
9adf3fcf9a
Fix BIO_f_buffer().
...
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
2011-12-02 12:23:57 +00:00
Andy Polyakov
65f7456652
ppc.pl: fix bug in bn_mul_comba4 [from HEAD].
...
PR: 2636
Submitted by: Charles Bryant
2011-11-05 10:17:06 +00:00
Dr. Stephen Henson
f8731bc2fd
PR: 2632
...
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve
Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
2011-10-26 16:42:48 +00:00
Bodo Möller
195d6bf760
BN_BLINDING multi-threading fix.
...
Submitted by: Emilia Kasper (Google)
2011-10-19 14:57:59 +00:00
Dr. Stephen Henson
6d50bce79f
PR: 2482
...
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve
Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
2011-10-09 00:56:18 +00:00
Dr. Stephen Henson
85e776885b
PR: 2606
...
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de>
Reviewed by: steve
Handle timezones correctly in UTCTime.
2011-09-23 13:40:06 +00:00
Bodo Möller
1c7c69a8a5
Fix memory leak on bad inputs.
2011-09-05 09:56:48 +00:00
Bodo Möller
24ad061037
Move OPENSSL_init declaration out of auto-generated code section
...
(it is not auto-generated).
2011-09-05 09:52:58 +00:00
Dr. Stephen Henson
92f96fa721
PR: 2576
...
Submitted by: Doug Goldstein <cardoe@gentoo.org>
Reviewed by: steve
Include header file stdlib.h which is needed on some platforms to get
getenv() declaration.
2011-09-02 11:20:49 +00:00
Dr. Stephen Henson
0d1e362363
PR: 2340
...
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve
Stop warnings if OPENSSL_NO_DGRAM is defined.
2011-09-01 15:03:10 +00:00
Dr. Stephen Henson
a0bf2c86ab
make timing attack protection unconditional
2011-09-01 14:23:41 +00:00
Dr. Stephen Henson
24d0524f31
PR: 2588
...
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Close file pointer.
2011-09-01 13:48:48 +00:00