A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.4.0 2016-05-30T13:42:54+00:00 2016-05-30T13:42:54+00:00 beck 2016-05-30T13:42:54+00:00 urn:sha1:5841b6a630957adeb6dc4dbe8ff11ddc224d3de4 14 years ago these were changed in OpenSSL to be the same as the _ex functions. We use the _ex functions only internally to ensure it is obvious the ctx must be cleared. ok bcook@ 2016-05-20T15:46:21+00:00 bcook 2016-05-20T15:46:21+00:00 urn:sha1:a7a8b3e28bac1bac9b00c9e9b10856c6f5283ad9 The outer while() loop is missing, so we only read up to chunk_max bytes. 2016-05-04T15:05:13+00:00 tedu 2016-05-04T15:05:13+00:00 urn:sha1:14ce935972dfee67affb9dbef7b76c66fc35423b additionally, in EncodeUpdate, if the amount written would overflow, return 0 instead to prevent bugs in the caller. CVE-2016-2105 and CVE-2016-2106 from openssl. 2016-05-04T15:01:33+00:00 tedu 2016-05-04T15:01:33+00:00 urn:sha1:f67a456a3757b6d60641164adc3e3a5bdfc8fa4d for both the mac and padding bytes. CVE-2016-2107 from openssl 2016-05-04T15:00:24+00:00 tedu 2016-05-04T15:00:24+00:00 urn:sha1:7c0bc19bc9eea1c1ac306f1b3f93fd10d3dd4ff8 CVE-2016-2108 from openssl. 2016-05-04T14:58:09+00:00 tedu 2016-05-04T14:58:09+00:00 urn:sha1:e205809b7a0b1df763f03b64d1cc28bfec3d8b71 CVE-2016-2109 from openssl. 2016-05-04T14:53:29+00:00 tedu 2016-05-04T14:53:29+00:00 urn:sha1:519d297fc2fe7aa90db3d99be37ea38e11547106 2016-05-03T14:05:41+00:00 bcook 2016-05-03T14:05:41+00:00 urn:sha1:da87549cff83dd705f62d49b47eeff6fcc5b6f4e 2016-05-03T12:38:53+00:00 tedu 2016-05-03T12:38:53+00:00 urn:sha1:c6409771d22d6e819d9017d650687b93c835ed3a missing padding check in aesni functions overflow in evp encode functions use of invalid negative asn.1 types ok beck 2016-04-28T17:07:07+00:00 jsing 2016-04-28T17:07:07+00:00 urn:sha1:643f50290d39864797888fc818170917b845775c additions and functionality changes.