generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/crypto
History
Mark J. Cox b213966415 Introduce limits to prevent malicious keys being able to 
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:53:51 +00:00
..
aes
Mitigate the hazard of cache-collision timing attack on last round
2006-06-28 08:57:22 +00:00
asn1
Introduce limits to prevent malicious keys being able to
2006-09-28 11:53:51 +00:00
bf
Fix from HEAD.
2006-02-04 01:50:41 +00:00
bio
Fix from HEAD.
2006-02-04 01:50:41 +00:00
bn
Ensure that the addition mods[i]+delta cannot overflow in probable_prime().
2006-09-19 10:00:29 +00:00
buffer
Fix from HEAD.
2006-02-04 01:50:41 +00:00
cast
Fix from HEAD.
2006-02-04 01:50:41 +00:00
comp
Fix from HEAD.
2006-02-04 01:50:41 +00:00
conf
Fix from HEAD.
2006-02-04 01:50:41 +00:00
des
Fix from HEAD.
2006-02-04 01:50:41 +00:00
dh
Introduce limits to prevent malicious keys being able to
2006-09-28 11:53:51 +00:00
dsa
Introduce limits to prevent malicious keys being able to
2006-09-28 11:53:51 +00:00
dso
Fix from HEAD.
2006-02-04 01:50:41 +00:00
ec
rewrite of bn_nist.c, disable support for some curves on 64 bit platforms
2005-05-03 20:23:33 +00:00
engine
bugfix: register engine as default engine in ENGINE_set_default_DSA
2005-09-09 07:53:39 +00:00
err
Thread-safety fixes
2006-06-14 08:50:11 +00:00
evp
Check pbe2->keyfunc->parameter is not NULL before dereferencing.
2006-04-15 17:42:46 +00:00
hmac
Fix from HEAD.
2006-02-04 01:50:41 +00:00
idea
Fix from HEAD.
2006-02-04 01:50:41 +00:00
krb5
Add emacs cache files to .cvsignore.
2005-04-11 14:18:14 +00:00
lhash
Fix from HEAD.
2006-02-04 01:50:41 +00:00
md2
Fix from HEAD.
2006-02-04 01:50:41 +00:00
md4
Fix from HEAD.
2006-02-04 01:50:41 +00:00
md5
Fix from HEAD.
2006-02-04 01:50:41 +00:00
mdc2
Fix from HEAD.
2006-02-04 01:50:41 +00:00
objects
Fix from HEAD.
2006-02-04 01:50:41 +00:00
ocsp
Rebuild error codes.
2005-04-12 16:15:22 +00:00
pem
Fix from HEAD.
2006-02-04 01:50:41 +00:00
perlasm
Fix from HEAD.
2006-02-04 01:27:52 +00:00
pkcs7
Fix from HEAD.
2006-07-09 12:05:10 +00:00
pkcs12
Fix from HEAD.
2006-05-17 18:20:53 +00:00
rand
use <poll.h> as by Single Unix Specification
2006-06-30 08:15:13 +00:00
rc2
fix "#ifndef HZ" statement
2006-02-28 20:15:56 +00:00
rc4
Fix from HEAD.
2006-02-04 01:50:41 +00:00
rc5
Fix from HEAD.
2006-02-04 01:50:41 +00:00
ripemd
Fix from HEAD.
2006-02-04 01:50:41 +00:00
rsa
Introduce limits to prevent malicious keys being able to
2006-09-28 11:53:51 +00:00
sha
Fix from HEAD.
2006-02-04 01:50:41 +00:00
stack
Fix from HEAD.
2006-02-04 01:50:41 +00:00
threads
Only use environment variables if uid and gid are the same as euid and egid.
2003-12-27 16:07:20 +00:00
txt_db
Fix from HEAD.
2006-02-04 01:50:41 +00:00
ui
Rebuild error codes.
2005-04-12 16:15:22 +00:00
x509
Fix from HEAD.
2006-02-04 01:50:41 +00:00
x509v3
Place hex_to_string and string_to_hex in separate source file to avoid
2006-06-20 18:06:40 +00:00
.cvsignore
Add emacs cache files to .cvsignore.
2005-04-11 14:18:14 +00:00
cpt_err.c
Rebuild error codes.
2005-04-12 16:15:22 +00:00
cryptlib.c
Replace detached signature with in-core fingerprinting.
2006-01-21 14:01:30 +00:00
cryptlib.h
Backport OPENSSL_NONPIC_relocated from HEAD.
2005-04-13 08:49:51 +00:00
crypto-lib.com
Synchronise with the Unix build
2006-06-21 05:08:36 +00:00
crypto.h
Eliminate "statement with no effect" warning when OPENSSL_assert macro
2005-05-08 19:52:13 +00:00
cversion.c
(oops) Apologies all, that last header-cleanup commit was from the wrong
2004-04-19 18:09:28 +00:00
ebcdic.c
Oops, this file already had the "empty source file" workaround but it
2003-10-29 22:25:04 +00:00
ebcdic.h
EBCDIC support.
2000-02-01 02:21:16 +00:00
ex_data.c
(oops) Apologies all, that last header-cleanup commit was from the wrong
2004-04-19 18:09:28 +00:00
install.com
Add store.h among the exported headers on VMS.
2004-03-24 09:52:16 +00:00
Makefile
Fix from HEAD.
2006-02-04 01:50:41 +00:00
md32_common.h
FIPS algorithm blocking.
2005-01-26 20:00:40 +00:00
mem_clr.c
avoid warnings when building on systems where sizeof(void *) > sizeof(int)
2005-04-29 14:26:59 +00:00
mem_dbg.c
Use BUF_strlcpy() instead of strcpy().
2003-12-27 14:40:57 +00:00
mem.c
CRYPTO_malloc(), CRYPTO_realloc() and variants of them should return NULL
2003-12-01 12:06:19 +00:00
o_str.c
Rely on e_os.h to appropriately define str[n]casecmp in non-POSIX
2005-01-14 16:22:02 +00:00
o_str.h
o_str.c: Windows doesn't have <strings.h>, and since we use _strnicmp() and
2004-07-08 08:32:51 +00:00
o_time.c
Since version 7.0, The C RTL in VMS handles time in terms of UTC
2004-07-19 07:50:43 +00:00
o_time.h
Use one address consistently.
2001-07-05 10:20:07 +00:00
opensslconf.h.in
This fixes the installation target for dynamic engines, which was trying to
2004-06-01 03:18:58 +00:00
opensslv.h
Bump for 0.9.7l-dev
2006-09-05 08:38:12 +00:00
ossl_typ.h
Reduce dependencies on crypto.h by moving the opaque definition of
2004-05-17 18:39:00 +00:00
symhacks.h
Another symbol longer than 31 characters...
2004-09-08 08:13:03 +00:00
tmdiff.c
Netware-specific changes,
2003-11-28 13:10:58 +00:00
tmdiff.h
For whatever reason (compiler or header bugs), at least one commonly-used
2003-10-29 04:40:13 +00:00
uid.c
Netware-specific changes,
2003-11-28 13:10:58 +00:00