| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade 1.0.1p --> 1.0.1t addresses following vulnerabilities:
CVE-2016-2107
CVE-2016-2108
CVE-2016-2105
CVE-2016-2106
CVE-2016-2109
CVE-2016-2176
Reference:
URL for the OpenSSL Security Advisory:
https://www.openssl.org/news/secadv/20160503.txt
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cross-protocol attack on TLS using SSLv2 (DROWN)
Mitigation for CVE-2016-0800
References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0800
https://git.openssl.org/?p=openssl.git;a=patch;h=56f1acf5ef8a432992497a04792ff4b3b2c6f286
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes following vulnerabilities:
Certificate verify crash with missing PSS parameter (CVE-2015-3194)
X509_ATTRIBUTE memory leak (CVE-2015-3195)
References:
https://openssl.org/news/secadv/20151203.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|