]> git.pld-linux.org Git - packages/openssl.git/commit
projects / packages / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 583fceb 3641afb)
up to OpenSSL 1.0.2h [3 May 2016] auto/ac/openssl-1.0.2h-1 auto/th/openssl-1.0.2h-1
authorElan Ruusamäe <glen@delfi.ee>
Tue, 3 May 2016 17:11:33 +0000 (20:11 +0300)
committerElan Ruusamäe <glen@delfi.ee>
Tue, 3 May 2016 17:12:25 +0000 (20:12 +0300)
commitab4f815e9a9889c92d9bba9a23a30b376819b070
treeb2f98fc458fc9f59ccbb4f15c27a242e05dd92fetree | snapshot
parent583fceb00054978a3c4b10e98334af76d7abc18dcommit | diff
parent3641afbf3559dd46b06756754b43448fc1e29687commit | diff
up to OpenSSL 1.0.2h [3 May 2016]

- Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
- Fix EVP_EncodeUpdate overflow (CVE-2016-2105)
- Fix EVP_EncryptUpdate overflow (CVE-2016-2106)
- Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109)
- EBCDIC overread (CVE-2016-2176)
- Modify behavior of ALPN to invoke callback after SNI/servername callback, such that updates to the SSL_CTX affect ALPN.
- Remove LOW from the DEFAULT cipher list. This removes singles DES from the default.
- Only remove the SSLv2 methods with the no-ssl2-method option.

Merge branch 'dev-1.0.2h'
openssl.spec diff1 | diff2 | blob | history
OpenSSL Toolkit libraries for the "Secure Sockets Layer" (SSL v2/v3)
This page took 0.026933 seconds and 4 git commands to generate.