Now
MAIN commitmail json YAML
src/crypto/external/bsd/openssl/dist/crypto/x509v3/v3_addr.c@1.2
/
diff
/
nxr@1.2
src/crypto/external/bsd/openssl/dist/engines/ccgost/gost2001_keyx.c@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/engines/ccgost/gost94_keyx.c@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/ssl/d1_pkt.c@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/ssl/s3_enc.c@1.4 / diff / nxr@1.4
src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c@1.9 / diff / nxr@1.9
src/crypto/external/bsd/openssl/dist/ssl/ssl.h@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/ssl/ssl3.h@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/ssl/ssl_err.c@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/engines/ccgost/gost2001_keyx.c@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/engines/ccgost/gost94_keyx.c@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/ssl/d1_pkt.c@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/ssl/s3_enc.c@1.4 / diff / nxr@1.4
src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c@1.9 / diff / nxr@1.9
src/crypto/external/bsd/openssl/dist/ssl/ssl.h@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/ssl/ssl3.h@1.2 / diff / nxr@1.2
src/crypto/external/bsd/openssl/dist/ssl/ssl_err.c@1.2 / diff / nxr@1.2
pull in some patches from upstream CVS, following secadv_20120104.txt:
-rev.21964 for DTLS Plaintext Recovery Attack (CVE-2011-4108)
-rev.21961 for Uninitialized SSL 3.0 Padding (CVE-2011-4576)
-rev.21456+21954 for Malformed RFC 3779 Data Can Cause Assertion Failures
(CVE-2011-4577)
(rev.21456 is not mentioned in the advisory, but there is code overlap)
-rev.21958 for SGC Restart DoS Attack (CVE-2011-4619)
-rev.21956 for Invalid GOST parameters DoS Attack (CVE-2012-0027)
-rev.21964 for DTLS Plaintext Recovery Attack (CVE-2011-4108)
-rev.21961 for Uninitialized SSL 3.0 Padding (CVE-2011-4576)
-rev.21456+21954 for Malformed RFC 3779 Data Can Cause Assertion Failures
(CVE-2011-4577)
(rev.21456 is not mentioned in the advisory, but there is code overlap)
-rev.21958 for SGC Restart DoS Attack (CVE-2011-4619)
-rev.21956 for Invalid GOST parameters DoS Attack (CVE-2012-0027)