Menu

Commit [r970]  Maximize  Restore  History

Update to OpenSSL 1.0.1g

tortoisesvn 2014-04-08

1 2 3 > >> (Page 1 of 3)
changed /trunk/ext/openssl/CHANGES
changed /trunk/ext/openssl/Configure
changed /trunk/ext/openssl/FAQ
changed /trunk/ext/openssl/Makefile.org
changed /trunk/ext/openssl/NEWS
changed /trunk/ext/openssl/README
changed /trunk/ext/openssl/apps/apps.c
changed /trunk/ext/openssl/apps/crl.c
changed /trunk/ext/openssl/apps/dgst.c
changed /trunk/ext/openssl/apps/ecparam.c
changed /trunk/ext/openssl/apps/req.c
changed /trunk/ext/openssl/crypto/aes/asm/vpaes-x86_64.pl
changed /trunk/ext/openssl/crypto/asn1/asn1_err.c
changed /trunk/ext/openssl/crypto/bio/bss_log.c
changed /trunk/ext/openssl/crypto/bn/bn.h
changed /trunk/ext/openssl/crypto/bn/bn_lib.c
changed /trunk/ext/openssl/crypto/cms/cms_lib.c
changed /trunk/ext/openssl/crypto/cryptlib.c
changed /trunk/ext/openssl/crypto/ec/ec2_mult.c
changed /trunk/ext/openssl/crypto/engine/eng_list.c
changed /trunk/ext/openssl/crypto/evp/bio_b64.c
changed /trunk/ext/openssl/crypto/modes/gcm128.c
changed /trunk/ext/openssl/crypto/opensslv.h
changed /trunk/ext/openssl/crypto/rand/md_rand.c
changed /trunk/ext/openssl/crypto/rand/rand_win.c
/trunk/ext/openssl/CHANGES Diff Switch to side-by-side view
--- a/trunk/ext/openssl/CHANGES
+++ b/trunk/ext/openssl/CHANGES
@@ -1,6 +1,35 @@
 
  OpenSSL CHANGES
  _______________
+
+ Changes between 1.0.1f and 1.0.1g [7 Apr 2014]
+
+  *) A missing bounds check in the handling of the TLS heartbeat extension
+     can be used to reveal up to 64k of memory to a connected client or
+     server.
+
+     Thanks for Neel Mehta of Google Security for discovering this bug and to
+     Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
+     preparing the fix (CVE-2014-0160)
+     [Adam Langley, Bodo Moeller]
+
+  *) Fix for the attack described in the paper "Recovering OpenSSL
+     ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
+     by Yuval Yarom and Naomi Benger. Details can be obtained from:
+     http://eprint.iacr.org/2014/140
+
+     Thanks to Yuval Yarom and Naomi Benger for discovering this
+     flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
+     [Yuval Yarom and Naomi Benger]
+
+  *) TLS pad extension: draft-agl-tls-padding-03
+
+     Workaround for the "TLS hang bug" (see FAQ and PR#2771): if the
+     TLS client Hello record length value would otherwise be > 255 and
+     less that 512 pad with a dummy extension containing zeroes so it
+     is at least 512 bytes long.
+
+     [Adam Langley, Steve Henson]
 
  Changes between 1.0.1e and 1.0.1f [6 Jan 2014]
 
/trunk/ext/openssl/Configure Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/FAQ Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/Makefile.org Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/NEWS Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/README Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/apps/apps.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/apps/crl.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/apps/dgst.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/apps/ecparam.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/apps/req.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/aes/asm/vpaes-x86_64.pl Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/asn1/asn1_err.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/bio/bss_log.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/bn/bn.h Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/bn/bn_lib.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/cms/cms_lib.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/cryptlib.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/ec/ec2_mult.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/engine/eng_list.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/evp/bio_b64.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/modes/gcm128.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/opensslv.h Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/rand/md_rand.c Diff Switch to side-by-side view
Loading...
/trunk/ext/openssl/crypto/rand/rand_win.c Diff Switch to side-by-side view
Loading...
1 2 3 > >> (Page 1 of 3)
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.