A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.4.0 2016-05-30T13:42:54+00:00 2016-05-30T13:42:54+00:00 beck 2016-05-30T13:42:54+00:00 urn:sha1:5841b6a630957adeb6dc4dbe8ff11ddc224d3de4 14 years ago these were changed in OpenSSL to be the same as the _ex functions. We use the _ex functions only internally to ensure it is obvious the ctx must be cleared. ok bcook@ 2016-05-04T15:05:13+00:00 tedu 2016-05-04T15:05:13+00:00 urn:sha1:14ce935972dfee67affb9dbef7b76c66fc35423b additionally, in EncodeUpdate, if the amount written would overflow, return 0 instead to prevent bugs in the caller. CVE-2016-2105 and CVE-2016-2106 from openssl. 2016-05-04T15:01:33+00:00 tedu 2016-05-04T15:01:33+00:00 urn:sha1:f67a456a3757b6d60641164adc3e3a5bdfc8fa4d for both the mac and padding bytes. CVE-2016-2107 from openssl 2016-05-04T14:53:29+00:00 tedu 2016-05-04T14:53:29+00:00 urn:sha1:519d297fc2fe7aa90db3d99be37ea38e11547106 2016-05-03T14:05:41+00:00 bcook 2016-05-03T14:05:41+00:00 urn:sha1:da87549cff83dd705f62d49b47eeff6fcc5b6f4e 2016-05-03T12:38:53+00:00 tedu 2016-05-03T12:38:53+00:00 urn:sha1:c6409771d22d6e819d9017d650687b93c835ed3a missing padding check in aesni functions overflow in evp encode functions use of invalid negative asn.1 types ok beck 2016-04-28T16:06:53+00:00 jsing 2016-04-28T16:06:53+00:00 urn:sha1:ff5ca5b45cd3a88df256cc064db92adafbfbada5 and replace with EVP_aead_chacha20_poly1305_ietf(). The IETF version will become the standard version. Discussed with many. 2016-04-13T13:25:05+00:00 jsing 2016-04-13T13:25:05+00:00 urn:sha1:9d3da640f6cc3dcac220438c3f6e04e4dfe556a6 EVP_aead_chacha20_poly1305_ietf(). 2015-12-14T03:37:27+00:00 beck 2015-12-14T03:37:27+00:00 urn:sha1:c1ec90cf2a4dbdfb4c30be01c8dac1134af28146 ok guenther@ 2015-11-02T15:43:55+00:00 reyk 2015-11-02T15:43:55+00:00 urn:sha1:029356713cb2ab8a724984f6f725b79d6b3d87d7