| #
306196 |
|
22-Sep-2016 |
jkim |
Merge OpenSSL 1.0.1u.
|
| #
298999 |
|
03-May-2016 |
jkim |
Merge OpenSSL 1.0.1t.
Relnotes: yes
|
| #
296317 |
|
02-Mar-2016 |
delphij |
Merge OpenSSL 1.0.1s. This is a security update.
Relnotes: yes
Approved by: re (so@ implicit)
|
| #
295016 |
|
28-Jan-2016 |
jkim |
Merge OpenSSL 1.0.1r.
Relnotes: yes
|
| #
291721 |
|
03-Dec-2015 |
jkim |
Merge OpenSSL 1.0.1q.
|
| #
280304 |
|
20-Mar-2015 |
jkim |
MFC: r280297
Merge OpenSSL 1.0.1m.
Relnotes: yes
|
| #
276864 |
|
08-Jan-2015 |
jkim |
MFC: r276861, r276863
Merge OpenSSL 1.0.1k.
|
| #
273149 |
|
15-Oct-2014 |
jkim |
MFC: r273144, r273146
Merge OpenSSL 1.0.1j.
Relnotes: yes
|
| #
269686 |
|
07-Aug-2014 |
jkim |
MFC: r269682
Merge OpenSSL 1.0.1i.
|
| #
264331 |
|
10-Apr-2014 |
jkim |
MFC: r261037, r264278
Merge OpenSSL 1.0.1f and 1.0.1g.
|
| #
260404 |
|
07-Jan-2014 |
delphij |
MFC r260403 (MFV r260399):
Apply vendor commits:
197e0ea Fix for TLS record tampering bug. (CVE-2013-4353).
3462896 For DTLS we might need to retransmit messages from the
previous session so keep a copy of write context in DTLS
retransmission buffers instead of replacing it after
sending CCS. (CVE-2013-6450).
ca98926 When deciding whether to use TLS 1.2 PRF and record hash
algorithms use the version number in the corresponding
SSL_METHOD structure instead of the SSL structure. The
SSL structure version is sometimes inaccurate.
Note: OpenSSL 1.0.2 and later effectively do this already.
(CVE-2013-6449).
Security: CVE-2013-4353
Security: CVE-2013-6449
Security: CVE-2013-6450
|
| #
280304 |
|
20-Mar-2015 |
jkim |
MFC: r280297
Merge OpenSSL 1.0.1m.
Relnotes: yes
|
| #
276864 |
|
08-Jan-2015 |
jkim |
MFC: r276861, r276863
Merge OpenSSL 1.0.1k.
|
| #
273149 |
|
15-Oct-2014 |
jkim |
MFC: r273144, r273146
Merge OpenSSL 1.0.1j.
Relnotes: yes
|
| #
269686 |
|
07-Aug-2014 |
jkim |
MFC: r269682
Merge OpenSSL 1.0.1i.
|
| #
264331 |
|
10-Apr-2014 |
jkim |
MFC: r261037, r264278
Merge OpenSSL 1.0.1f and 1.0.1g.
|
| #
260404 |
|
07-Jan-2014 |
delphij |
MFC r260403 (MFV r260399):
Apply vendor commits:
197e0ea Fix for TLS record tampering bug. (CVE-2013-4353).
3462896 For DTLS we might need to retransmit messages from the
previous session so keep a copy of write context in DTLS
retransmission buffers instead of replacing it after
sending CCS. (CVE-2013-6450).
ca98926 When deciding whether to use TLS 1.2 PRF and record hash
algorithms use the version number in the corresponding
SSL_METHOD structure instead of the SSL structure. The
SSL structure version is sometimes inaccurate.
Note: OpenSSL 1.0.2 and later effectively do this already.
(CVE-2013-6449).
Security: CVE-2013-4353
Security: CVE-2013-6449
Security: CVE-2013-6450
|