summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Peter Avalos [Fri, 20 Jan 2012 00:11:16 +0000 (16:11 -0800)]
Import OpenSSL-1.0.0g.
o Fix for DTLS DoS issue CVE-2012-0050
Peter Avalos [Thu, 5 Jan 2012 00:06:12 +0000 (16:06 -0800)]
Import OpenSSL-1.0.0f.
o Fix for DTLS plaintext recovery attack CVE-2011-4108
o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
o Check parameters are not NULL in GOST ENGINE CVE-2012-0027
o Check for malformed RFC3779 data CVE-2011-4577
Peter Avalos [Wed, 21 Sep 2011 00:22:53 +0000 (17:22 -0700)]
Import OpenSSL-1.0.0e.
o Fix for CRL vulnerability issue CVE-2011-3207
o Fix for ECDH crashes CVE-2011-3210
o Protection against EC timing attacks.
o Support ECDH ciphersuites for certificates using SHA2 algorithms.
o Various DTLS fixes.
Peter Avalos [Wed, 9 Feb 2011 04:59:57 +0000 (18:59 -1000)]
Import OpenSSL-1.0.0d.
Peter Avalos [Sun, 12 Dec 2010 00:08:43 +0000 (14:08 -1000)]
Import OpenSSL-1.0.0c.
Peter Avalos [Sun, 21 Nov 2010 05:49:12 +0000 (19:49 -1000)]
Add files to OpenSSL that will generate optimized asm code.
Peter Avalos [Thu, 18 Nov 2010 05:41:45 +0000 (19:41 -1000)]
Import OpenSSL-1.0.0b.
This primarily fixes CVE-2010-3864 and CVE-2010-2939.
Peter Avalos [Wed, 22 Sep 2010 11:21:58 +0000 (01:21 -1000)]
Import OpenSSL-1.0.0a.
Peter Avalos [Sun, 28 Feb 2010 00:07:00 +0000 (00:07 +0000)]
Import OpenSSL-0.9.8m.
This new OpenSSL version is a security and bugfix release which
implements RFC5746 to address renegotiation vulnerabilities mentioned in
CVE-2009-3555. For a complete list of changes, please see the CHANGES
file.
Aggelos Economopoulos [Wed, 11 Nov 2009 10:47:52 +0000 (10:47 +0000)]
Remove README.DRAGONFLY from vendor branch
Aggelos Economopoulos [Sat, 7 Nov 2009 18:44:09 +0000 (18:44 +0000)]
Import OpenSSL 0.9.8l
Disables renegotiation to workaround CVE-2009-3555.
Peter Avalos [Sat, 11 Apr 2009 03:00:56 +0000 (03:00 +0000)]
Upgrade to OpenSSL-0.9.8k.
This fixes security issues (CVE-2009-0590, CVE-2009-0591, CVE-2009-0789)
and other minor bugs. See CHANGES for more details.
Peter Avalos [Sat, 11 Apr 2009 02:44:26 +0000 (02:44 +0000)]
Add README.DELETED to the vendor branch for OpenSSL.
This is probably a good idea for other directories as well. It's too
cumbersome not having this file available on the vendor branch, since
that's really where the work is done to remove unwanted files from the
vendor's distribution.
Peter Avalos [Sun, 11 Jan 2009 19:56:29 +0000 (14:56 -0500)]
Import OpenSSL 0.9.8j.
Note that we're adding a stripped-down doc/ and utils/ since we need
these to build our manual pages.
Peter Avalos [Sun, 11 Jan 2009 17:35:26 +0000 (12:35 -0500)]
Move openssl-0.9/ to openssl/.
Versioning the directories just really doesn't make sense, especially
now with git.
Peter Avalos [Sun, 11 Jan 2009 17:13:24 +0000 (12:13 -0500)]
Remove old versions of OpenSSL.
Peter Avalos [Sat, 27 Sep 2008 20:51:29 +0000 (20:51 +0000)]
Import OpenSSL-0.9.8i.
Peter Avalos [Sat, 6 Sep 2008 20:36:16 +0000 (20:36 +0000)]
Import OpenSSL 0.9.8h.
Peter Avalos [Thu, 25 Oct 2007 04:11:26 +0000 (04:11 +0000)]
Import OpenSSL-0.9.8g.
Peter Avalos [Fri, 12 Oct 2007 19:40:12 +0000 (19:40 +0000)]
Import OpenSSL-0.9.8f.
Peter Avalos [Wed, 28 Mar 2007 19:01:30 +0000 (19:01 +0000)]
Import OpenSSL 0.9.8e.
Peter Avalos [Mon, 20 Nov 2006 05:16:00 +0000 (05:16 +0000)]
Import OpenSSL 0.9.8d.
Simon Schubert [Wed, 6 Sep 2006 12:35:33 +0000 (12:35 +0000)]
Import OpenSSL 0.9.8c
Simon Schubert [Sat, 3 Dec 2005 13:48:16 +0000 (13:48 +0000)]
Import OpenSSL 0.9.8a
Simon Schubert [Thu, 7 Jul 2005 12:04:51 +0000 (12:04 +0000)]
Import of openssl-0.9.8, a feature release.
Jeroen Ruigrok/asmodai [Sat, 18 Dec 2004 15:29:53 +0000 (15:29 +0000)]
Add OpenSSL 0.9.7e.
Notable changes:
- Fix race condition in CRL checking code.
- Fixes to PKCS#7 (S/MIME) code.
Jeroen Ruigrok/asmodai [Tue, 31 Aug 2004 20:02:04 +0000 (20:02 +0000)]
Add OpenSSL 0.9.7d.
Jeroen Ruigrok/asmodai [Sun, 29 Aug 2004 12:45:27 +0000 (12:45 +0000)]
Add OpenSSL 0.9.7d.