Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
9 个月 前同步成功

通知 8
Star 18
Fork 1
T
Third Party Openssl

前往新版Gitcode,体验更适合开发者的 AI 搜索 >>

提交 61118caa 编写于 作者: B Bodo Möller
浏览文件
操作

include 0.9.8d and 0.9.7l information

上级 348be7ec
隐藏空白更改
内联 并排
Showing with 29 addition and 2 deletion
CHANGES
浏览文件 @ 61118caa
...@@ -416,7 +416,9 @@ ...@@ -416,7 +416,9 @@
*) Change 'Configure' script to enable Camellia by default. *) Change 'Configure' script to enable Camellia by default.
[NTT] [NTT]
Changes between 0.9.8c and 0.9.8d [xx XXX xxxx] Changes between 0.9.8d and 0.9.8e [XX xxx XXXX]
Changes between 0.9.8c and 0.9.8d [28 Sep 2006]
*) Introduce limits to prevent malicious keys being able to *) Introduce limits to prevent malicious keys being able to
cause a denial of service. (CVE-2006-2940) cause a denial of service. (CVE-2006-2940)
...@@ -1420,7 +1422,21 @@ ...@@ -1420,7 +1422,21 @@
differing sizes. differing sizes.
[Richard Levitte] [Richard Levitte]
Changes between 0.9.7k and 0.9.7l [xx XXX xxxx] Changes between 0.9.7k and 0.9.7l [28 Sep 2006]
*) Introduce limits to prevent malicious keys being able to
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
*) Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
*) Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
*) Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
*) Change ciphersuite string processing so that an explicit *) Change ciphersuite string processing so that an explicit
ciphersuite selects this one ciphersuite (so that "AES256-SHA" ciphersuite selects this one ciphersuite (so that "AES256-SHA"
......
NEWS
浏览文件 @ 61118caa
...@@ -5,6 +5,12 @@ ...@@ -5,6 +5,12 @@
This file gives a brief overview of the major changes between each OpenSSL This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file. release. For more details please read the CHANGES file.
Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d:
o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
o Changes to ciphersuite selection algorithm
Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c: Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c:
o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339 o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
...@@ -99,6 +105,11 @@ ...@@ -99,6 +105,11 @@
o Added initial support for Win64. o Added initial support for Win64.
o Added alternate pkg-config files. o Added alternate pkg-config files.
Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l:
o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k: Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k:
o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339 o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册