Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
113,944 Commits 606 Branches 0 Tags 3.1 GiB
f56e78e36d
Commit Graph

19 Commits

Author SHA1 Message Date
itojun
359e4b88f5 OpenSSL Security Advisory [19 March 2003] 
Klima-Pokorny-Rosa attack on RSA in SSL/TLS
 2003-03-19 23:06:33 +00:00
wiz
658b9c6d28 In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked 
via timing by performing a MAC computation even if incorrect
block cipher padding has been found.  This is a countermeasure
against active attacks where the attacker has to distinguish
between bad padding and a MAC verification error. (CAN-2003-0078)
 2003-02-20 07:39:17 +00:00
itojun
50d422c24f e_os.h is not part of exported openssl interface, so don't install it into 
/usr/include/openssl (e_os.h has an explicit comment about it).  it obviously
is a bug in openssl 0.9.6 Makefile.
based on openssl 0.9.7 snapshot.
 2002-08-31 10:46:36 +00:00
itojun
182c0b6e08 sync with 0.9.6f. prevents DoS attack and regen of manpages. 2002-08-08 23:47:34 +00:00
itojun
f5e63fe4c2 openssl 0.9.6f, with security fixes 2002-08-08 23:14:54 +00:00
itojun
ef920a0913 sync with 0.9.6e. 2002-07-31 01:29:37 +00:00
itojun
25e766824a OpenSSL 0.9.6e. includes major security fixes (already applied) 2002-07-30 23:57:34 +00:00
itojun
e9316c8858 apply patch supplied with OpenSSL Security Advisory [30 July 2002] 
advisory 1: four potentially remotely-exploitable vulnerability in
SSL2/SSL3 code
advisory 2: ASN1 parser vulnerability (all SSL/TLS apps affected)
 2002-07-30 12:55:08 +00:00
itojun
7c75b5ec2f sync with 0.9.6d. shlib minor for libssl and libcrypto 
is cranked for additional functions.
 2002-06-09 16:12:52 +00:00
itojun
7720435b28 openssl 0.9.6d 2002-06-09 15:21:32 +00:00
itojun
f0231f96aa do not propose IDEA cipher on SSL connection, as our default installation 
does not handle IDEA.
TODO: dynamically enable IDEA if libcrypto_idea is linked
 2002-06-09 02:16:18 +00:00
itojun
0eb42056bd OpenSSL 0.9.6b 2001-07-11 03:54:20 +00:00
itojun
35a07da1df use openssl 0.9.6a. shlib major # is bumped for libcrypto, libssl and 
all kerberos libraries.
 2001-04-12 07:48:03 +00:00
itojun
75902e8d9b OpenSSL 0.9.6a 2001-04-12 03:10:36 +00:00
taca
c011ac8db6 - Correct missing closedir(3) in SSL_add_dir_cert_subjects_to_stack(). 
This should be fix the bug that apache enabled SSL may exhaust its
  file descriptors.  Noted by TAKANO Yuji <takachan@running-dog.net>
  on apache@ecc.u-tokyo.ac.jp, apache mailing list in Japanese.

  He had already sent a bug report to openssl-dev@openssl.org, but it
  wasn't fixed in openssl-0.9.6.  :-(
 2000-10-13 01:47:27 +00:00
sommerfeld
dc3402136b Constify variables containing format strings 2000-10-05 14:32:50 +00:00
itojun
9c7b3bf3d5 nuke all NO_<algorithm name> in header file. they change ABI due to 
#ifdef in struct/union definitions, and are bad for us shipping library binary.
 2000-10-01 22:13:14 +00:00
mrg
2429f6a29f OpenSSL 0.9.5a import. 2000-07-16 05:03:53 +00:00
thorpej
1dc0dc5fb1 Import OpenSSL 0.9.4 from netbsd-cryptosrc-intl. 2000-06-14 22:44:19 +00:00