NEWS.md - OpenGrok cross reference for /freebsd/crypto/openssl/NEWS.md

Lines Matching refs:Fixed
98   * Fixed RFC7250 handshakes with unauthenticated servers don't abort as expected.
101   * Fixed timing side-channel in ECDSA signature computation.
176   * Fixed possible OOB memory access with invalid low-level GF(2^m) elliptic
187   * Fixed possible denial of service in X.509 name checks
190   * Fixed possible buffer overread in SSL_select_next_proto()
200   * Fixed potential use after free after SSL_free_buffers() is called
203   * Fixed an issue where checking excessively long DSA keys or parameters may
335   * Fixed unbounded memory growth with session handling in TLSv1.3
345   * Fixed PKCS12 Decoding crashes
348   * Fixed excessive time spent checking invalid RSA public keys
351   * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC
431   * Fixed excessive time spent in DH check / generation with large Q parameter
472   * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms
474   * Fixed documentation of X509_VERIFY_PARAM_add0_policy() ([CVE-2023-0466])
475   * Fixed handling of invalid certificate policies in leaf certificates
492   * Fixed NULL dereference during PKCS7 data verification ([CVE-2023-0401])
493   * Fixed X.400 address type confusion in X.509 GeneralName ([CVE-2023-0286])
494   * Fixed NULL dereference validating DSA public key ([CVE-2023-0217])
495   * Fixed Invalid pointer dereference in d2i_PKCS7 functions ([CVE-2023-0216])
496   * Fixed Use-after-free following BIO_new_NDEF ([CVE-2023-0215])
497   * Fixed Double free after calling PEM_read_bio_ex ([CVE-2022-4450])
498   * Fixed Timing Oracle in RSA Decryption ([CVE-2022-4304])
499   * Fixed X.509 Name Constraints Read Buffer Overflow ([CVE-2022-4203])
500   * Fixed X.509 Policy Constraints Double Locking ([CVE-2022-3996])
505   * Fixed regressions introduced in 3.0.6 version.
506   * Fixed two buffer overflows in punycode decoding functions.
516   * Fixed heap memory corruption with RSA private key operation
518   * Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms
523   * Fixed additional bugs in the c_rehash script which was not properly
529   * Fixed a bug in the c_rehash script which was not properly sanitising shell
531   * Fixed a bug in the function `OCSP_basic_verify` that verifies the signer
533   * Fixed a bug where the RC4-MD5 ciphersuite incorrectly used the
540   * Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
545   * Fixed invalid handling of X509_verify_cert() internal errors in libssl
630   * Fixed an SM2 Decryption Buffer Overflow ([CVE-2021-3711])
631   * Fixed various read buffer overruns processing ASN.1 strings ([CVE-2021-3712])
635   * Fixed a problem with verifying a certificate chain when using the
637   * Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously
642   * Fixed a NULL pointer deref in the X509_issuer_and_serial_hash()
644   * Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING
646   * Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and
648   * Fixed SRP_Calc_client_key so that it runs in constant time
652   * Fixed NULL pointer deref in GENERAL_NAME_cmp ([CVE-2020-1971])
664   * Fixed segmentation fault in SSL_check_chain() ([CVE-2020-1967])
672   * Fixed an overflow bug in the x64_64 Montgomery squaring procedure
677   * Fixed a fork protection issue ([CVE-2019-1549])
678   * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
763   * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
883   * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
1278     won't resume sessions. Fixed in 1.0.0n-dev
1280     `<limits.h>` include. Fixed in 1.0.0n-dev
1868   * Fixed a security hole related to session resumption
1869   * Fixed RSA encryption routines for the p < q case