| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fix BIND remote denial of service. [13:04]
Security: CVE-2013-0166, CVE-2013-0169
Security: FreeBSD-SA-13:03.openssl
Security: CVE-2013-2266
Security: FreeBSD-SA-13:04.bind
Approved by: so
Notes:
svn path=/releng/9.0/; revision=249029
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]
Security: FreeBSD-SA-12:01.openssl (revised)
Security: FreeBSD-SA-12:02.crypt
Approved by: so (bz, simon)
Notes:
svn path=/releng/9.0/; revision=236304
|
| |
|
|
|
|
|
|
|
|
| |
Security: CVE-2011-4576, CVE-2011-4619, CVE-2011-4109
Security: CVE-2012-0884, CVE-2012-2110
Security: FreeBSD-SA-12:01.openssl
Approved by: so (bz,simon)
Notes:
svn path=/releng/9.0/; revision=234954
|
| |\
| |
| |
| |
| |
| |
| |
| |
| | |
Security: CVE-2010-4180
Security: http://www.openssl.org/news/secadv_20101202.txt
MFC after: 3 days
Notes:
svn path=/head/; revision=216166
|
| |\|
| |
| |
| |
| |
| |
| |
| | |
Security: CVE-2010-3864
Security: http://www.openssl.org/news/secadv_20101116.txt
Notes:
svn path=/head/; revision=215697
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make inline assembler clang-friendly [from HEAD].
openssl/crypto/md32_common.h 1.45.2.1 -> 1.45.2.2
openssl/crypto/rc5/rc5_locl.h 1.8 -> 1.8.8.1
Approved by: simon
Notes:
svn path=/head/; revision=212961
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This fixes CVE-2010-0740 which only affected -CURRENT (OpenSSL 0.9.8m)
but not -STABLE branches.
I have not yet been able to find out if CVE-2010-0433 impacts FreeBSD.
This will be investigated further.
Security: CVE-2010-0433, CVE-2010-0740
Security: http://www.openssl.org/news/secadv_20100324.txt
Notes:
svn path=/head/; revision=206046
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This also "reverts" some FreeBSD local changes so we should now
be back to using entirely stock OpenSSL. The local changes were
simple $FreeBSD$ lines additions, which were required in the CVS
days, and the patch for FreeBSD-SA-09:15.ssl which has been
superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation
extension' support.
MFC after: 3 weeks
Notes:
svn path=/head/; revision=205128
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- Fix memory consumption bug with "future epoch" DTLS records.
- Fix fragment handling memory leak.
- Do not access freed data structure.
- Fix DTLS fragment bug - out-of-sequence message handling which could
result in NULL pointer dereference in
dtls1_process_out_of_seq_message().
Note that this will not get FreeBSD Security Advisory as DTLS is
experimental in OpenSSL.
MFC after: 1 week
Security: CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1387
Notes:
svn path=/head/; revision=196474
|
| |\|
| |
| |
| |
| |
| |
| | |
Approved by: re
Notes:
svn path=/head/; revision=194206
|
| | |
| |
| |
| | |
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=182044
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Sanity-check string lengths in order to stop OpenSSL crashing
when printing corrupt BMPString or UniversalString objects. [09:08]
Security: FreeBSD-SA-09:07.libc
Security: FreeBSD-SA-09:08.openssl
Security: CVE-2009-0590
Approved by: re (kensmith)
Approved by: so (cperciva)
Notes:
svn path=/head/; revision=191381
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
with OpenSSL 0.9.8 import.
Note that this does not enable cryptodev by default, as it was the
case with OpenSSL 0.9.7 in FreeBSD base, but this change makes it
possible to enable cryptodev at all.
This has been submitted upstream as:
http://rt.openssl.org/Ticket/Display.html?id=1624
Submitted by: nork
Notes:
svn path=/head/; revision=175292
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
casts a bit less evil.
This was e.g. seen when using portsnap as:
Fetching snapshot tag from portsnap3.FreeBSD.org... Illegal instruction
Note the patch is slightly different from kan's original patch to
match style in the OpenSSL source files a bit better.
Submitted by: kan
Tested by: many
Notes:
svn path=/head/; revision=169883
|
| |\|
| |
| |
| |
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
Notes:
svn path=/head/; revision=167618
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
EVP_CIPHER_CTX_key_length() should return the set key length
in the EVP_CIPHER_CTX structure which may not be the same as
the underlying cipher key length for variable length ciphers.
This fixes problems in OpenSSH using some ciphers, and possibly other
applications.
See also: http://bugzilla.mindrot.org/show_bug.cgi?id=1291
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=167617
|
| | |
| |
| |
| | |
Notes:
svn path=/head/; revision=167615
|
| |\|
| |
| |
| |
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
Notes:
svn path=/head/; revision=167613
|
| | |
| |
| |
| | |
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=167612
|
| |\|
| |
| |
| |
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
Notes:
svn path=/head/; revision=162917
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix uninitialized free of ctx in compute_key() when the
OPENSSL_DH_MAX_MODULUS_BITS check is triggered.
This fixes the same issue as FreeBSD-SA-06:23.openssl v1.1.
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=162916
|
| | |
| |
| |
| | |
Notes:
svn path=/head/; revision=162914
|
| |\|
| |
| |
| |
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
Notes:
svn path=/head/; revision=162912
|
| | |
| |
| |
| | |
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=162911
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Obtained from: OpenSSL project
Security: FreeBSD-SA-06:19.openssl
Notes:
svn path=/head/; revision=162207
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This was missed the first time around since eng_padlock.c was not part
of OpenSSL 0.9.7e and therefor did not have the v0_9_7e CVS tag used
during original resolve of conflicts.
Noticed by: Antoine Brodin <antoine.brodin@laposte.net>
Notes:
svn path=/head/; revision=160837
|
| | |
| |
| |
| | |
Notes:
svn path=/head/; revision=160817
|
| |\|
| |
| |
| |
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
Notes:
svn path=/head/; revision=160815
|
| | |
| |
| |
| | |
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=160814
|
| | |
| |
| |
| |
| |
| |
| | |
branch. This time, these are mostly the `Makefile.ssl' files.
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=142430
|
| | |
| |
| |
| | |
Notes:
svn path=/head/; revision=142432
|
| | |
| |
| |
| |
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
Notes:
svn path=/head/; revision=142431
|
| | |
| |
| |
| | |
Notes:
svn path=/head/; revision=142428
|
| |\|
| |
| |
| |
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
Notes:
svn path=/head/; revision=142426
|
| | |
| |
| |
| | |
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=142425
|
| | |
| |
| |
| |
| |
| |
| | |
part of recent releases.
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=142421
|
| | |
| |
| |
| |
| |
| |
| | |
from OpenSSL 0.9.5 (yet to be released), and is pretty complete.
Notes:
svn path=/head/; revision=133718
|
| |\|
| |
| |
| |
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
Notes:
svn path=/head/; revision=133666
|
| | |
| |
| |
| |
| |
| |
| | |
This is from the upcoming OpenSSL 0.9.8 release.
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=133665
|
| |\|
| |
| |
| |
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
Notes:
svn path=/head/; revision=127905
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
object could cause a null pointer dereference.
Obtained from: OpenSSL CVS (change number 12080)
MFC After: 1 day
Reported by: Daniel Lang <dl@leo.org>
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=127904
|
| | |
| |
| |
| | |
Notes:
svn path=/head/; revision=127134
|
| |\|
| |
| |
| |
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
Notes:
svn path=/head/; revision=127129
|
| | |
| |
| |
| | |
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=127128
|
| | |
| |
| |
| | |
Notes:
svn path=/head/; revision=120636
|
| | |
| |
| |
| | |
Notes:
svn path=/head/; revision=120635
|
| |\|
| |
| |
| |
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
Notes:
svn path=/head/; revision=120632
|
| | |
| |
| |
| | |
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=120631
|
| | |
| |
| |
| |
| |
| |
| | |
http://www.openssl.org/news/secadv_20030317.txt
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=112442
|
| | |
| |
| |
| | |
Notes:
svn path=/head/; revision=112446
|
