]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit - crypto/bn/bn_prime.h
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 50b464a cbbee3a)
MFV r260399:
authorXin LI <delphij@FreeBSD.org>
Tue, 7 Jan 2014 19:58:45 +0000 (19:58 +0000)
committerXin LI <delphij@FreeBSD.org>
Tue, 7 Jan 2014 19:58:45 +0000 (19:58 +0000)
commit246aa294d75054ad937f4200234c8f0a9621fb40
tree0804b5ed749774647623171c59cc54c7c96f1e41tree | snapshot
parent50b464aa1a87076b331f38021a9915a75bdeacb5commit | diff
parentcbbee3a581d0bbf1b738c0805da55a438c265a20commit | diff
MFV r260399:

Apply vendor commits:

197e0ea Fix for TLS record tampering bug.  (CVE-2013-4353).
3462896 For DTLS we might need to retransmit messages from the
previous session so keep a copy of write context in DTLS
retransmission buffers instead of replacing it after
sending CCS.  (CVE-2013-6450).
ca98926 When deciding whether to use TLS 1.2 PRF and record hash
algorithms use the version number in the corresponding
SSL_METHOD structure instead of the SSL structure.  The
SSL structure version is sometimes inaccurate.
Note: OpenSSL 1.0.2 and later effectively do this already.
(CVE-2013-6449).

Security: CVE-2013-4353
Security: CVE-2013-6449
Security: CVE-2013-6450
crypto/openssl/ssl/d1_both.c diff1 | diff2 | blob | history
crypto/openssl/ssl/s3_both.c diff1 | diff2 | blob | history
crypto/openssl/ssl/s3_lib.c diff1 | diff2 | blob | history
crypto/openssl/ssl/ssl_locl.h diff1 | diff2 | blob | history
crypto/openssl/ssl/t1_enc.c diff1 | diff2 | blob | history
Unnamed repository; edit this file 'description' to name the repository.