d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
196,706 Commits 6 Branches 133 Tags 2.6 GiB
459ea53d05
Commit Graph

36 Commits

Author SHA1 Message Date
Jung-uk Kim
751d29910b Merge OpenSSL 1.0.1k. 2015-01-08 23:42:41 +00:00
Jung-uk Kim
fa5fddf171 Merge OpenSSL 1.0.1j. 2014-10-15 19:12:05 +00:00
Jung-uk Kim
a93cbc2be8 Merge OpenSSL 1.0.1i. 2014-08-07 18:56:10 +00:00
Jung-uk Kim
94ad176c68 Merge OpenSSL 1.0.1h. 
Approved by:	so (delphij)
 2014-06-09 05:50:57 +00:00
Xin LI
4a448cff07 Fix OpenSSL multiple vulnerabilities. 
Security:	CVE-2014-0195, CVE-2014-0221, CVE-2014-0224,
		CVE-2014-3470
Security:	SA-14:14.openssl
Approved by:	so
 2014-06-05 12:32:16 +00:00
Jung-uk Kim
560ede85d4 Merge OpenSSL 1.0.1g. 
Approved by:	benl (maintainer)
 2014-04-08 21:06:58 +00:00
Jung-uk Kim
de78d5d8fd Merge OpenSSL 1.0.1f. 
Approved by:	so (delphij), benl (silence)
 2014-01-22 19:57:11 +00:00
Jung-uk Kim
09286989d3 Merge OpenSSL 1.0.1e. 
Approved by:	secteam (simon), benl (silence)
 2013-02-13 23:07:20 +00:00
Jung-uk Kim
1f13597d10 Merge OpenSSL 1.0.1c. 
Approved by:	benl (maintainer)
 2012-07-12 19:30:53 +00:00
Jung-uk Kim
12de4ed299 Merge OpenSSL 0.9.8x. 
Reviewed by:	stas
Approved by:	benl (maintainer)
MFC after:	3 days
 2012-06-27 18:44:36 +00:00
Bjoern A. Zeeb
071183ef48 Update the previous openssl fix. [12:01] 
Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]

Security:	FreeBSD-SA-12:01.openssl (revised)
Security:	FreeBSD-SA-12:02.crypt
Approved by:	so (bz, simon)
 2012-05-30 12:01:28 +00:00
Bjoern A. Zeeb
a95abaf173 Fix multiple OpenSSL vulnerabilities. 
Security:	CVE-2011-4576, CVE-2011-4619, CVE-2011-4109
Security:	CVE-2012-0884, CVE-2012-2110
Security:	FreeBSD-SA-12:01.openssl
Approved by:	so (bz,simon)
 2012-05-03 15:25:11 +00:00
Xin LI
dfdd332056 Fix SSL memory handlig for (EC)DH cipher suites, in particular for 
multi-threaded use of ECDH.

Security:	CVE-2011-3210
Reviewed by:	stas
Obtained from:	OpenSSL CVS
Approved by:	re (kib)
 2011-09-08 09:33:49 +00:00
Simon L. B. Nielsen
72b8021a0a Merge OpenSSL 0.9.8q into head. 
Security:	CVE-2010-4180
Security:	http://www.openssl.org/news/secadv_20101202.txt
MFC after:	3 days
 2010-12-03 22:59:54 +00:00
Simon L. B. Nielsen
6a599222bb Merge OpenSSL 0.9.8m into head. 
This also "reverts" some FreeBSD local changes so we should now
be back to using entirely stock OpenSSL.  The local changes were
simple $FreeBSD$ lines additions, which were required in the CVS
days, and the patch for FreeBSD-SA-09:15.ssl which has been
superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation
extension' support.

MFC after:	3 weeks
 2010-03-13 19:22:41 +00:00
Colin Percival
a235643007 Disable SSL renegotiation in order to protect against a serious 
protocol flaw. [09:15]

Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]

Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-09:15.ssl
Security:	FreeBSD-SA-09:16.rtld
Security:	FreeBSD-SA-09:17.freebsd-udpate
 2009-12-03 09:18:40 +00:00
Simon L. B. Nielsen
db522d3ae4 Merge OpenSSL 0.9.8k into head. 
Approved by:	re
 2009-06-14 19:45:16 +00:00
Simon L. B. Nielsen
8978d9e7ef Prevent cross-site forgery attacks on lukemftpd(8) due to splitting 
long commands into multiple requests. [09:01]

Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]

Security:	FreeBSD-SA-09:01.lukemftpd
Security:	FreeBSD-SA-09:02.openssl
Obtained from:	NetBSD [SA-09:01]
Obtained from:	OpenSSL Project [SA-09:02]
Approved by:	so (simon)
 2009-01-07 20:17:55 +00:00
Simon L. B. Nielsen
c4a78426be Flatten OpenSSL vendor tree. 2008-08-23 10:51:00 +00:00
Simon L. B. Nielsen
5471f83ea7 Vendor import of OpenSSL 0.9.8e. 2007-03-15 20:03:30 +00:00
Simon L. B. Nielsen
ed5d4f9a94 Vendor import of OpenSSL 0.9.8d. 2006-10-01 07:38:44 +00:00
Simon L. B. Nielsen
3b4e3dcb9f Vendor import of OpenSSL 0.9.8b 2006-07-29 19:10:21 +00:00
Jacques Vidrine
6be8ae0724 Vendor import of OpenSSL 0.9.7e. 2005-02-25 05:39:05 +00:00
Jacques Vidrine
ced566fd0b Vendor import of OpenSSL 0.9.7d. 2004-03-17 15:49:33 +00:00
Jacques Vidrine
50ef009353 Vendor import of OpenSSL 0.9.7c 2003-10-01 12:32:41 +00:00
Chris D. Faulhaber
8786792504 Import of PKCS #1 security fix. 
http://www.openssl.org/news/secadv_20030319.txt
 2003-03-20 20:41:45 +00:00
Mark Murray
5c87c606cd Vendor import of OpenSSL release 0.9.7. This release includes 
support for AES and OpenBSD's hardware crypto.
 2003-01-28 21:43:22 +00:00
Jacques Vidrine
484549566e Import of OpenSSL 0.9.6f. 2002-08-10 01:46:10 +00:00
Jacques Vidrine
4f20a5a274 Import of OpenSSL 0.9.6e. 2002-07-30 13:38:06 +00:00
Jacques Vidrine
c1803d7836 Import of OpenSSL 0.9.6d. 2002-07-30 12:44:15 +00:00
Kris Kennaway
a21b1b381e Initial import of OpenSSL 0.9.6c 2002-01-27 03:13:07 +00:00
Kris Kennaway
26d191b459 Initial import of OpenSSL 0.9.6b 2001-07-19 19:59:37 +00:00
Kris Kennaway
de7cdddab1 Import of OpenSSL 0.9.6-STABLE snapshot dated 2001-02-10 2001-02-18 03:17:36 +00:00
Kris Kennaway
ddd58736f0 Initial import of OpenSSL 0.9.6 2000-11-13 01:03:58 +00:00
Kris Kennaway
f579bf8ec7 Initial import of OpenSSL 0.9.5a 2000-04-13 06:33:22 +00:00
Kris Kennaway
7466462628 Initial import of OpenSSL 0.9.4, sans IDEA and RSA code for patent 
infringement reasons.
 2000-01-10 06:22:05 +00:00