wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8319 commits 20 branches 302 tags 153 MiB
Commit graph

84 commits

Author SHA1 Message Date
Dr. Stephen Henson
a188fc01fe oops, no corrected fix needed for 0.9.8 branch 2010-12-01 17:48:59 +00:00
Dr. Stephen Henson
1948f9e042 update NEWS 2010-12-01 17:16:36 +00:00
Dr. Stephen Henson
2ae47ddbc2 fix CVE-2010-3864 2010-11-16 14:26:18 +00:00
Dr. Stephen Henson
22872a5363 Prepare for release. 2010-06-01 14:47:12 +00:00
Dr. Stephen Henson
3416d11926 update NEWS file 2010-05-27 15:02:27 +00:00
Dr. Stephen Henson
4fae868811 prepare for release 2010-03-24 13:16:55 +00:00
Dr. Stephen Henson
7070cdba4e Prepare for 0.9.8m release 2010-02-25 17:18:23 +00:00
Dr. Stephen Henson
68be98d1a6 update references to new RI RFC 2010-02-12 22:02:07 +00:00
Dr. Stephen Henson
8b8a2928af prepare for release 2010-01-20 17:26:02 +00:00
Dr. Stephen Henson
e10051ef3f Prepare for 0.9.8k release. 2009-03-25 10:46:56 +00:00
Dr. Stephen Henson
6287fa5396 Prepare for 0.9.8j release. 2009-01-07 10:50:54 +00:00
Dr. Stephen Henson
b7e7aa00de Begin release of OpenSSL 0.9.8i. 2008-09-15 10:28:13 +00:00
Lutz Jänicke
32f1f622f6 Release OpenSSL 0.9.8g with various fixes to issues introduced with 0.9.8f 2007-10-19 08:25:53 +00:00
Ben Laurie
dd00266757 Ready to roll. 2007-10-11 14:58:15 +00:00
Dr. Stephen Henson
272f9f3d27 Update NEWS file. 2007-09-06 12:59:34 +00:00
Dr. Stephen Henson
29c0866b38 Update docs and NEWS file. 2007-08-23 22:53:57 +00:00
Dr. Stephen Henson
ac319217d0 Update NEWS file. 2007-02-22 01:35:24 +00:00
Bodo Möller
0c66d3ae37 fix typo 2006-09-28 13:30:28 +00:00
Bodo Möller
bd869183d5 for completeness, include 0.9.7l information 2006-09-28 13:29:08 +00:00
Mark J. Cox
951dfbb13a Introduce limits to prevent malicious keys being able to 
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
 2006-09-28 11:29:03 +00:00
Mark J. Cox
df20b6e79b Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher 
(CVE-2006-4339)

Submitted by:  Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
 2006-09-05 08:25:42 +00:00
Dr. Stephen Henson
df22f59f6e Update NEWS file. 2006-05-04 11:23:28 +00:00
Mark J. Cox
64932f9e4a Add fixes for CAN-2005-2969 
Bump release ready for OpenSSL_0_9_8a tag
 2005-10-11 10:16:21 +00:00
Richard Levitte
1d01c9d43d Last additions to the release documentation. 2005-07-05 18:32:05 +00:00
Richard Levitte
b2d27e376d Some new news. 2005-06-21 05:46:41 +00:00
Richard Levitte
b257c152c6 A couple more things were added. 2005-05-30 22:51:05 +00:00
Richard Levitte
e0ee5ea962 Added news items for OpenSSL 0.9.8. 2005-05-19 19:12:36 +00:00
Richard Levitte
36521f0150 Add a NEWS item for 0.9.7g. 2005-04-11 15:05:45 +00:00
Dr. Stephen Henson
03386677ed Update NEWS 2004-10-25 17:11:19 +00:00
Dr. Stephen Henson
2990244980 ASN1 parse fix and release file changes. 2003-09-30 16:47:33 +00:00
Richard Levitte
138f970e6e Add the 0.9.6j news. 2003-04-10 20:38:24 +00:00
Richard Levitte
1774e22d6f New NEWS 2003-04-10 19:33:09 +00:00
Richard Levitte
d8cbc93585 Update release information 2003-02-19 14:02:37 +00:00
Richard Levitte
1fc73fef48 Keep NEWS in HEAD up to date. 2002-12-06 00:39:03 +00:00
Richard Levitte
9801fb61d0 Add news items for 0.9.6h and expand on the 0.9.7 news as well. 2002-11-18 23:58:24 +00:00
Richard Levitte
36969082bb Update with the status for 0.9.6g. 2002-08-12 06:54:54 +00:00
Richard Levitte
fbe792f0ac 0.9.6f is released 2002-08-08 22:55:28 +00:00
Lutz Jänicke
b218af2b27 0.9.6e and 0.9.7-beta3 are out. 2002-07-30 11:32:47 +00:00
Lutz Jänicke
5012158adf Minor typos 
Submitted by: jufi@nerdnet.de
Reviewed by:
PR: 138
 2002-07-10 17:34:54 +00:00
Bodo Möller
ea4f109c99 AES cipher suites are now official (RFC3268) 2002-07-04 08:51:09 +00:00
Bodo Möller
ece0bdf1fd typo 2002-06-17 13:59:12 +00:00
Lutz Jänicke
e1f7ea25d2 Make change uniqueIdentifier -> x500UniqueIdentifier clearly visible. 
Submitted by:
Reviewed by:
PR: 82
 2002-06-12 20:46:38 +00:00
Bodo Möller
47234cd3d2 update 2002-05-05 23:47:46 +00:00
Lutz Jänicke
151457ab16 Handle headings uniformly to allow automatic processing. 2002-04-18 08:11:31 +00:00
Lutz Jänicke
e4fb49775b Synchronize with 0.9.7-stable. 2002-04-11 18:43:52 +00:00
Richard Levitte
ef5f6a08ff Synchronise with the 0.9.6 branch. 2001-12-20 16:58:26 +00:00
Bodo Möller
83978bd37a information on 0.9.6c-engine 2001-11-12 22:10:15 +00:00
Mark J. Cox
a3790c0d01 Phew, finished 
Submitted by:
Reviewed by:
PR:
 2001-11-12 20:30:01 +00:00
Mark J. Cox
63b6090f7c I've still got one left; the backport of the Broadcom UBSEC driver to 
0.9.6 that we've got - just waiting for clearance on that one
Submitted by:
Reviewed by:
PR:
 2001-11-12 15:32:11 +00:00
Bodo Möller
e0457d5f7c the PRNG race conditions were mostly a theoretical issue, remove from NEWS 2001-11-12 11:33:38 +00:00