freebsd-skq/ssl at 20ff6c114f4431e32ec0ff53ba81e420bd4e86a5 - freebsd-skq - Quacker.org Git Repositories

d/freebsd-skq

History

Simon L. B. Nielsen 0a70456882 Fix Incorrectly formatted ClientHello SSL/TLS handshake messages could

cause OpenSSL to parse past the end of the message.

Note: Applications are only affected if they act as a server and call
SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX. This includes
Apache httpd >= 2.3.3, if configured with "SSLUseStapling On".

Security:	http://www.openssl.org/news/secadv_20110208.txt
Security:	CVE-2011-0014
Obtained from:	OpenSSL CVS

2011-02-12 21:30:46 +00:00

..

bio_ssl.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

d1_both.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

d1_clnt.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

d1_enc.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

d1_lib.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

d1_meth.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

d1_pkt.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

d1_srvr.c

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00

dtls1.h

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

kssl_lcl.h

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

kssl.c

Merge OpenSSL 0.9.8n into head.

2010-04-01 15:19:51 +00:00

kssl.h

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

Makefile

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00

s2_clnt.c

Merge OpenSSL 0.9.8k into head.

2009-06-14 19:45:16 +00:00

s2_enc.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

s2_lib.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

s2_meth.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

s2_pkt.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

s2_srvr.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

s3_both.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

s3_clnt.c

Merge OpenSSL 0.9.8q into head.

2010-12-03 22:59:54 +00:00

s3_enc.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

s3_lib.c

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00

s3_meth.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

s3_pkt.c

Merge OpenSSL 0.9.8n into head.

2010-04-01 15:19:51 +00:00

s3_srvr.c

Merge OpenSSL 0.9.8q into head.

2010-12-03 22:59:54 +00:00

s23_clnt.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

s23_lib.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

s23_meth.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

s23_pkt.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

s23_srvr.c

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00

ssl2.h

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

ssl3.h

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00

ssl23.h

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

ssl_algs.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

ssl_asn1.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

ssl_cert.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

ssl_ciph.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

ssl_err2.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

ssl_err.c

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00

ssl_lib.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

ssl_locl.h

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00

ssl_rsa.c

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00

ssl_sess.c

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00

ssl_stat.c

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00

ssl_task.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

ssl_txt.c

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00

ssl.h

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00

ssltest.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

t1_clnt.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

t1_enc.c

Merge OpenSSL 0.9.8p into head.

2010-11-22 18:23:44 +00:00

t1_lib.c

Fix Incorrectly formatted ClientHello SSL/TLS handshake messages could

2011-02-12 21:30:46 +00:00

t1_meth.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

t1_reneg.c

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00

t1_srvr.c

Flatten OpenSSL vendor tree.

2008-08-23 10:51:00 +00:00

tls1.h

Merge OpenSSL 0.9.8m into head.

2010-03-13 19:22:41 +00:00