Colin Percival
e55ab0a54b
Don't leak information via uninitialized space in db(3) records. [09:07]
Sanity-check string lengths in order to stop OpenSSL crashing
when printing corrupt BMPString or UniversalString objects. [09:08]
Security: FreeBSD-SA-09:07.libc
Security: FreeBSD-SA-09:08.openssl
Security: CVE-2009-0590
Approved by: re (kensmith)
Approved by: so (cperciva)
2009-04-22 14:07:14 +00:00
Simon L. B. Nielsen
8978d9e7ef
Prevent cross-site forgery attacks on lukemftpd(8) due to splitting
long commands into multiple requests. [09:01]
Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]
Security: FreeBSD-SA-09:01.lukemftpd
Security: FreeBSD-SA-09:02.openssl
Obtained from: NetBSD [SA-09:01]
Obtained from: OpenSSL Project [SA-09:02]
Approved by: so (simon)
2009-01-07 20:17:55 +00:00
Simon L. B. Nielsen
c71cd5d0b8
The vendor area is the proper home for these files now.
2008-09-21 13:18:25 +00:00
Simon L. B. Nielsen
e262aef1ae
Unbreak detection of cryptodev support for FreeBSD which was broken
with OpenSSL 0.9.8 import.
Note that this does not enable cryptodev by default, as it was the
case with OpenSSL 0.9.7 in FreeBSD base, but this change makes it
possible to enable cryptodev at all.
This has been submitted upstream as:
http://rt.openssl.org/Ticket/Display.html?id=1624
Submitted by: nork
2008-01-13 11:44:47 +00:00
Simon L. B. Nielsen
a87abab4b0
This commit was generated by cvs2svn to compensate for changes in r172767,
which included commits to RCS files with non-trunk default branches.
2007-10-18 20:19:33 +00:00
Simon L. B. Nielsen
a0ddfe4e72
Import DTLS security fix from upstream OpenSSL_0_9_8-stable branch.
From the OpenSSL advisory:
Andy Polyakov discovered a flaw in OpenSSL's DTLS
implementation which could lead to the compromise of clients
and servers with DTLS enabled.
DTLS is a datagram variant of TLS specified in RFC 4347 first
supported in OpenSSL version 0.9.8. Note that the
vulnerabilities do not affect SSL and TLS so only clients and
servers explicitly using DTLS are affected.
We believe this flaw will permit remote code execution.
Security: CVE-2007-4995
Security: http://www.openssl.org/news/secadv_20071012.txt
2007-10-18 20:19:33 +00:00
Simon L. B. Nielsen
ec4b528c4a
Correct a buffer overflow in OpenSSL SSL_get_shared_ciphers().
Security: FreeBSD-SA-07:08.openssl
Approved by: re (security blanket)
2007-10-03 21:38:57 +00:00
Simon L. B. Nielsen
1a15cc9f5c
Fix runtime crash in OpenSSL with "Illegal instruction" by making some
casts a bit less evil.
This was e.g. seen when using portsnap as:
Fetching snapshot tag from portsnap3.FreeBSD.org... Illegal instruction
Note the patch is slightly different from kan's original patch to
match style in the OpenSSL source files a bit better.
Submitted by: kan
Tested by: many
2007-05-22 20:28:19 +00:00
Simon L. B. Nielsen
e9c804063f
- Bring upgrade procedure up-to-date for OpenSSL 0.9.8e.
- Add reminder to bump version number in Makefile.inc.
2007-03-15 21:06:48 +00:00
Simon L. B. Nielsen
c30e4c6174
Import fix from upstream OpenSSL_0_9_8-stable branch:
EVP_CIPHER_CTX_key_length() should return the set key length
in the EVP_CIPHER_CTX structure which may not be the same as
the underlying cipher key length for variable length ciphers.
This fixes problems in OpenSSH using some ciphers, and possibly other
applications.
See also: http://bugzilla.mindrot.org/show_bug.cgi?id=1291
2007-03-15 20:26:26 +00:00
Simon L. B. Nielsen
0339ca21b8
This commit was generated by cvs2svn to compensate for changes in r167617,
which included commits to RCS files with non-trunk default branches.
2007-03-15 20:26:26 +00:00
Simon L. B. Nielsen
1d1b15c8bf
Resolve conflicts after import of OpenSSL 0.9.8e.
2007-03-15 20:07:27 +00:00
Simon L. B. Nielsen
5471f83ea7
Vendor import of OpenSSL 0.9.8e.
2007-03-15 20:03:30 +00:00
Simon L. B. Nielsen
03b688114f
This commit was generated by cvs2svn to compensate for changes in r167612,
which included commits to RCS files with non-trunk default branches.
2007-03-15 20:03:30 +00:00
Simon L. B. Nielsen
4d227dd736
Import from upstream OpenSSL 0.9.8 branch:
Fix uninitialized free of ctx in compute_key() when the
OPENSSL_DH_MAX_MODULUS_BITS check is triggered.
This fixes the same issue as FreeBSD-SA-06:23.openssl v1.1.
2006-10-01 08:09:46 +00:00
Simon L. B. Nielsen
f9d67810bf
This commit was generated by cvs2svn to compensate for changes in r162916,
which included commits to RCS files with non-trunk default branches.
2006-10-01 08:09:46 +00:00
Simon L. B. Nielsen
74608424ab
Resolve conflicts after import of OpenSSL 0.9.8d.
2006-10-01 07:46:16 +00:00
Simon L. B. Nielsen
ed5d4f9a94
Vendor import of OpenSSL 0.9.8d.
2006-10-01 07:38:44 +00:00
Simon L. B. Nielsen
02d3319f28
This commit was generated by cvs2svn to compensate for changes in r162911,
which included commits to RCS files with non-trunk default branches.
2006-10-01 07:38:44 +00:00
Simon L. B. Nielsen
c800238ebb
Correct incorrect PKCS#1 v1.5 padding validation in crypto(3).
Obtained from: OpenSSL project
Security: FreeBSD-SA-06:19.openssl
2006-09-10 20:16:43 +00:00
Simon L. B. Nielsen
2ab7aa997e
Resolve conflicts after import of OpenSSL 0.9.8b.
This was missed the first time around since eng_padlock.c was not part
of OpenSSL 0.9.7e and therefore did not have the v0_9_7e CVS tag used
during original resolve of conflicts.
Noticed by: Antoine Brodin <antoine.brodin@laposte.net>
2006-07-30 14:17:54 +00:00
Simon L. B. Nielsen
35fc1829d8
Sync FREEBSD-Xlist with what was actually excluded from OpenSSL 0.9.8b
import.
2006-07-29 22:40:45 +00:00
Simon L. B. Nielsen
f6ec947c28
Add some rough notes on how to import a new OpenSSL version into the
FreeBSD base system. Parts are inspired by the OpenSSH upgrade notes.
2006-07-29 22:01:26 +00:00
Simon L. B. Nielsen
09bf29a41f
Resolve conflicts after import of OpenSSL 0.9.8b.
2006-07-29 19:14:51 +00:00
Simon L. B. Nielsen
3b4e3dcb9f
Vendor import of OpenSSL 0.9.8b
2006-07-29 19:10:21 +00:00
Simon L. B. Nielsen
f6ab039488
This commit was generated by cvs2svn to compensate for changes in r160814,
which included commits to RCS files with non-trunk default branches.
2006-07-29 19:10:21 +00:00
Colin Percival
51ce0d091c
Correct a man-in-the-middle SSL version rollback vulnerability.
Security: FreeBSD-SA-05:21.openssl
2005-10-11 11:50:36 +00:00
Jacques Vidrine
72a11ddc6c
File removed in update from OpenSSL 0.9.7d -> 0.9.7e.
2005-02-25 06:22:30 +00:00
Jacques Vidrine
a37fa6607a
Remove files that are no longer part of OpenSSL from the vendor
branch. This time, these are mostly the `Makefile.ssl' files.
2005-02-25 06:14:53 +00:00
Jacques Vidrine
3c96cf2e8b
This commit was generated by cvs2svn to compensate for changes in r142430,
which included commits to RCS files with non-trunk default branches.
2005-02-25 06:14:53 +00:00
Jacques Vidrine
5203f6dc3a
Resolve conflicts after import of OpenSSL 0.9.7e.
2005-02-25 05:49:44 +00:00
Jacques Vidrine
6be8ae0724
Vendor import of OpenSSL 0.9.7e.
2005-02-25 05:39:05 +00:00
Jacques Vidrine
eb8fd19957
This commit was generated by cvs2svn to compensate for changes in r142425,
which included commits to RCS files with non-trunk default branches.
2005-02-25 05:39:05 +00:00
Jacques Vidrine
3e9d9cface
Update list of files to remove prior to import of OpenSSL 0.9.7e.
2005-02-25 05:31:23 +00:00
Jacques Vidrine
01c0bb1d8a
Clean up the OpenSSL vendor branch by removing files that are not
part of recent releases.
2005-02-25 05:25:37 +00:00
Jacques Vidrine
c7a8adabfb
This commit was generated by cvs2svn to compensate for changes in r142421,
which included commits to RCS files with non-trunk default branches.
2005-02-25 05:25:37 +00:00
Mark Murray
1f9bb6cd25
Add support for C3 Nehemiah ACE ("Padlock") AES crypto. This comes
from OpenSSL 0.9.5 (yet to be released), and is pretty complete.
2004-08-14 13:38:35 +00:00
Mark Murray
eaeb68fe23
Bring in support for VIA C3 Nehemiah Padlock crypto support (AES).
This is from the upcoming OpenSSL 0.9.8 release.
2004-08-13 19:37:23 +00:00
Mark Murray
19ef43daef
This commit was generated by cvs2svn to compensate for changes in r133665,
which included commits to RCS files with non-trunk default branches.
2004-08-13 19:37:23 +00:00
Jacques Vidrine
fe2b6e6689
Repair a regression in OpenSSL 0.9.7d: processing an unsigned PKCS#7
object could cause a null pointer dereference.
Obtained from: OpenSSL CVS (change number 12080)
MFC After: 1 day
Reported by: Daniel Lang <dl@leo.org>
2004-04-05 19:01:57 +00:00
Jacques Vidrine
4fd8395954
This commit was generated by cvs2svn to compensate for changes in r127904,
which included commits to RCS files with non-trunk default branches.
2004-04-05 19:01:57 +00:00
Jacques Vidrine
902aa2e784
Resolve conflicts after import of OpenSSL 0.9.7d.
2004-03-17 17:44:39 +00:00
Jacques Vidrine
ced566fd0b
Vendor import of OpenSSL 0.9.7d.
2004-03-17 15:49:33 +00:00
Jacques Vidrine
8f1200ff6f
This commit was generated by cvs2svn to compensate for changes in r127128,
which included commits to RCS files with non-trunk default branches.
2004-03-17 15:49:33 +00:00
Jacques Vidrine
81ac585294
Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079).
Obtained from: OpenSSL CVS (http://cvs.openssl.org/chngview?cn=12033)
2004-03-17 12:11:08 +00:00
Jacques Vidrine
1612471010
This commit was generated by cvs2svn to compensate for changes in r127114,
which included commits to RCS files with non-trunk default branches.
2004-03-17 12:11:08 +00:00
Jacques Vidrine
ede6693b54
Re-add the FreeBSD RCS keyword for the benefit of mergemaster.
PR: conf/50040
Requested by: Dimitry Andric <dim@xs4all.nl>
2004-01-09 14:46:11 +00:00
Jacques Vidrine
52033a8dc8
Remove files no longer included with OpenSSL as of version 0.9.7c.
2003-10-01 12:38:27 +00:00
Jacques Vidrine
5fad2af4e3
Merge conflicts after import of OpenSSL 0.9.7c.
2003-10-01 12:37:51 +00:00
Jacques Vidrine
50ef009353
Vendor import of OpenSSL 0.9.7c
2003-10-01 12:32:41 +00:00