synchronize with 0.9.6-stable version of this file

Bodo Möller 2002-10-11 17:53:21 +00:00
parent 8d44d96ec3
commit 84236041c1

CHANGES

@ -4,6 +4,14 @@
Changes between 0.9.6h and 0.9.7 [XX xxx 2002] Changes between 0.9.6h and 0.9.7 [XX xxx 2002]
*) Change from security patch (see 0.9.6e below) that did not affect
the 0.9.6 release series:
Remote buffer overflow in SSL3 protocol - an attacker could
supply an oversized master key in Kerberos-enabled versions.
(CAN-2002-0657)
[Ben Laurie (CHATS)]
*) Change the SSL kerb5 codes to match RFC 2712. *) Change the SSL kerb5 codes to match RFC 2712.
[Richard Levitte] [Richard Levitte]
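Review bot: the pointer "(see 0.9.6e below)" in the new entry no longer leads to this item, because the same patch deletes the CAN-2002-0657 entry from the 0.9.6e section further down. Reword the lead-in so it stands alone, for example by saying that the remaining parts of that security patch are listed under 0.9.6e. The phrase "did not affect the 0.9.6 release series" also leaves open which versions were affected, so the entry should name them.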
@ -1719,7 +1727,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
overflow checks added in 0.9.6e. This prevents DoS (the overflow checks added in 0.9.6e. This prevents DoS (the
assertions could call abort()). assertions could call abort()).
[Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller] [Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller]
Changes between 0.9.6d and 0.9.6e [30 Jul 2002] Changes between 0.9.6d and 0.9.6e [30 Jul 2002]
*) Add various sanity checks to asn1_get_length() to reject *) Add various sanity checks to asn1_get_length() to reject
@ -1770,11 +1778,6 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
too small for 64 bit platforms. (CAN-2002-0655) too small for 64 bit platforms. (CAN-2002-0655)
[Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)> [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>
*) Remote buffer overflow in SSL3 protocol - an attacker could
supply an oversized master key in Kerberos-enabled versions.
(CAN-2002-0657)
[Ben Laurie (CHATS)]
*) Remote buffer overflow in SSL3 protocol - an attacker could *) Remote buffer overflow in SSL3 protocol - an attacker could
supply an oversized session ID to a client. (CAN-2002-0656) supply an oversized session ID to a client. (CAN-2002-0656)
[Ben Laurie (CHATS)] [Ben Laurie (CHATS)]
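Review bot: the attribution line kept as context just above the removed entry closes with ">" instead of "]" ("... and Ben Laurie (CHATS)>"); since this hunk already edits the neighbouring entry, fix the bracket in the same change. With the CAN-2002-0657 item gone from the 0.9.6e list, anyone searching that section for the identifier finds nothing, so a one-line pointer to the entry's new location under 0.9.7 would keep the security release notes complete.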
@ -1869,13 +1872,13 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
value is 0. value is 0.
[Richard Levitte] [Richard Levitte]
*) Add the configuration target linux-s390x.
[Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte]
*) [In 0.9.6d-engine release:] *) [In 0.9.6d-engine release:]
Fix a crashbug and a logic bug in hwcrhk_load_pubkey(). Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
[Toomas Kiisk <vix@cyber.ee> via Richard Levitte] [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
*) Add the configuration target linux-s390x.
[Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte]
*) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of
ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag
variable as an indication that a ClientHello message has been variable as an indication that a ClientHello message has been