aboutsummaryrefslogtreecommitdiff
path: root/crypto
Commit message (Collapse)AuthorAgeFilesLines
* MFC r228843:Ed Maste2012-01-271-0/+3
| | | | | | | Fix a buffer overflow in telnetd. [11:08] Notes: svn path=/stable/6/; revision=230621
* Disable SSL renegotiation in order to protect against a seriousColin Percival2009-12-033-5/+12
| | | | | | | | | | | | | | | | | | protocol flaw. [09:15] Correctly handle failures from unsetenv resulting from a corrupt environment in rtld-elf. [09:16] Fix permissions in freebsd-update in order to prevent leakage of sensitive files. [09:17] Approved by: so (cperciva) Security: FreeBSD-SA-09:15.ssl Security: FreeBSD-SA-09:16.rtld Security: FreeBSD-SA-09:17.freebsd-udpate Notes: svn path=/stable/6/; revision=200054
* Don't leak information via uninitialized space in db(3) records. [09:07]Colin Percival2009-04-223-0/+16
| | | | | | | | | | | | | | Sanity-check string lengths in order to stop OpenSSL crashing when printing corrupt BMPString or UniversalString objects. [09:08] Security: FreeBSD-SA-09:07.libc Security: FreeBSD-SA-09:08.openssl Security: CVE-2009-0590 Approved by: re (kensmith) Approved by: so (cperciva) Notes: svn path=/stable/6/; revision=191381
* This time really commit the OpenSSL part of the advisory round toSimon L. B. Nielsen2009-01-078-11/+10
| | | | | | | | | | | | | | stable/6: Fix incorrect OpenSSL checks for malformed signatures due to invalid check of return value from EVP_VerifyFinal(), DSA_verify, and DSA_do_verify. Security: FreeBSD-SA-09:02.openssl Obtained from: OpenSSL Project Notes: svn path=/stable/6/; revision=186873
* Fix logic error in sshd(8) concerning the handling of failedColin Percival2008-04-171-3/+0
| | | | | | | | | attempts to bind ports for X11 forwarding. Security: FreeBSD-SA-08:05.openssh Notes: svn path=/stable/6/; revision=178262
* MFC: remove some no-longer-needed _FREEFALL_CONFIG hacks.Peter Wemm2007-10-292-18/+2
| | | | Notes: svn path=/stable/6/; revision=173159
* Correct a buffer overflow in OpenSSL SSL_get_shared_ciphers().Simon L. B. Nielsen2007-10-031-11/+11
| | | | Notes: svn path=/stable/6/; revision=172430
* InstaMFC: OpenSSH 4.5p1Dag-Erling Smørgrav2006-11-1144-3188/+344
| | | | | | | Approved by: re (kensmith) Notes: svn path=/stable/6/; revision=164158
* MFC: OpenSSH 4.4p1.Dag-Erling Smørgrav2006-10-06270-5806/+12410
| | | | | | | Approved by: re (kensmith) Notes: svn path=/stable/6/; revision=163052
* This commit was manufactured by cvs2svn to create branch 'RELENG_6'.cvs2svn2006-10-0123-0/+2896
| | | | Notes: svn path=/stable/6/; revision=162923
* Correct multiple vulnerabilities in OpenSSH.Simon L. B. Nielsen2006-09-3014-12/+62
| | | | | | | | Security: FreeBSD-SA-06:22.openssh Approved by: re (kensmith) Notes: svn path=/stable/6/; revision=162894
* Correct problem in the 2006-09-28 patch concerning the handling ofColin Percival2006-09-291-1/+1
| | | | | | | | | | | excessively large DH moduli. Reported by: Steve Kiernan (Juniper SIRT) Security: FreeBSD-SA-06:23.openssl Approved by: re (kensmith) Notes: svn path=/stable/6/; revision=162786
* Correct multiple vulnerabilities in crypto(3).Colin Percival2006-09-2813-3/+96
| | | | | | | | | | | Limit the size of public keys used in order to protect applications from a denial of service via insane key sizes. Security: FreeBSD-SA-06:23.openssl Approved by: re (htimsnek) Notes: svn path=/stable/6/; revision=162722
* MFC: vendor patch for BSM problem in protocol version 1.Dag-Erling Smørgrav2006-09-251-4/+1
| | | | | | | Approved by: re (mux) Notes: svn path=/stable/6/; revision=162613
* Correct incorrect PKCS#1 v1.5 padding validation in crypto(3). [1]Simon L. B. Nielsen2006-09-061-0/+17
| | | | | | | | | | | Correct multiple denial-of-service vulnerabilities in BIND related to SIG Query Processing and Excessive Recursive Queries. [2] Security: FreeBSD-SA-06:19.openssl [1] Security: FreeBSD-SA-06:20.bind [2] Notes: svn path=/stable/6/; revision=162075
* Fix a bug in the padlock engine when handling small data blocks. ThisSimon L. B. Nielsen2006-07-301-3/+3
| | | | | | | | | | | | | | | could cause problem e.g. when using OpenVPN. This is a direct commit to RELENG_6 since the issue was fixed by the OpenSSL 0.9.8b import in -CURRENT. PR: bin/86598 Submitted by: Mike Tancsa <mike@sentex.net> Tested by: Mike Tancsa, pjd Obtained from: OpenSSL CVS (eng_padlock.c 1.12 -> 1.13 diff) Notes: svn path=/stable/6/; revision=160836
* MFC: (1.16) our glob(3) has all the required features.Dag-Erling Smørgrav2006-07-081-1/+1
| | | | Notes: svn path=/stable/6/; revision=160183
* This commit was manufactured by cvs2svn to create branch 'RELENG_6'.cvs2svn2006-05-251-0/+353
| | | | Notes: svn path=/stable/6/; revision=158908
* Correct a man-in-the-middle SSL version rollback vulnerability.Colin Percival2005-10-112-8/+3
| | | | | | | | Security: FreeBSD-SA-05:21.openssl Approved by: re@ (scottl) Notes: svn path=/stable/6/; revision=151237
* Upgrade to 4.2p1.Dag-Erling Smørgrav2005-09-11117-1837/+3414
| | | | | | | Approved by: re (kensmith) Notes: svn path=/stable/6/; revision=149994
* This commit was manufactured by cvs2svn to create branch 'RELENG_6'.cvs2svn2005-09-036-0/+495
| | | | Notes: svn path=/stable/6/; revision=149752
* This is sort of an MFS. Peter made these changes to the RELENG_*Ken Smith2005-07-072-2/+23
| | | | | | | | | | | | | | | | | | | | | | branches but missed HEAD. This patch extends his a little bit, setting it up via the Makefiles so that adding _FREEFALL_CONFIG to /etc/make.conf is the only thing needed to cluster-ize things (current setup also requires overriding CFLAGS). From Peter's commit to the RELENG_* branches: > Add the freebsd.org custer's source modifications under #ifdefs to aid > keeping things in sync. For ksu: > * install suid-root by default > * don't fall back to asking for a unix password (ie: be pure kerberos) > * allow custom user instances for things like www and not just root The Makefile tweaks will be MFC-ed, the rest is already done. MFC after: 3 days Approved by: re (dwhite) Notes: svn path=/head/; revision=147810
* Forgot to bump the version addendum.Dag-Erling Smørgrav2005-06-051-1/+1
| | | | Notes: svn path=/head/; revision=147010
* Regenerate.Dag-Erling Smørgrav2005-06-051-13/+82
| | | | Notes: svn path=/head/; revision=147006
* Resolve conflicts.Dag-Erling Smørgrav2005-06-0552-1069/+2431
| | | | Notes: svn path=/head/; revision=147005
* Update for 4.1p1.Dag-Erling Smørgrav2005-06-051-1/+1
| | | | Notes: svn path=/head/; revision=147004
* This commit was generated by cvs2svn to compensate for changes in r147001,Dag-Erling Smørgrav2005-06-0524-57/+246
|\ | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches. Notes: svn path=/head/; revision=147002
| * Vendor import of OpenSSH 4.1p1.Dag-Erling Smørgrav2005-06-0545-223/+470
| | | | | | | | Notes: svn path=/vendor-crypto/openssh/dist/; revision=147001
* | This commit was generated by cvs2svn to compensate for changes in r146998,Dag-Erling Smørgrav2005-06-0578-697/+3041
|\| | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches. Notes: svn path=/head/; revision=146999
| * Vendor import of OpenSSH 4.0p1.Dag-Erling Smørgrav2005-06-05129-1720/+5423
| | | | | | | | Notes: svn path=/vendor-crypto/openssh/dist/; revision=146998
* | Rewrite some of the regexps so they don't match themselves.Dag-Erling Smørgrav2005-06-041-5/+6
| | | | | | | | Notes: svn path=/head/; revision=146981
* | File removed in update from OpenSSL 0.9.7d -> 0.9.7e.Jacques Vidrine2005-02-251-91/+0
| | | | | | | | Notes: svn path=/head/; revision=142432
* | This commit was generated by cvs2svn to compensate for changes in r142430,Jacques Vidrine2005-02-2556-15211/+0
| | | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches. Notes: svn path=/head/; revision=142431
* | Resolve conflicts after import of OpenSSL 0.9.7e.Jacques Vidrine2005-02-2511-25/+80
| | | | | | | | Notes: svn path=/head/; revision=142428
* | This commit was generated by cvs2svn to compensate for changes in r142425,Jacques Vidrine2005-02-25205-785/+17206
|\ \ | | | | | | | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches. Notes: svn path=/head/; revision=142426
| * | Vendor import of OpenSSL 0.9.7e.Jacques Vidrine2005-02-25216-810/+17286
| | | | | | | | | | | | Notes: svn path=/vendor-crypto/openssl/dist/; revision=142425
| * | Clean up the OpenSSL vendor branch by removing files that are notJacques Vidrine2005-02-25207-36723/+0
| | | | | | | | | | | | | | | | | | | | | part of recent releases. Notes: svn path=/vendor-crypto/openssl/dist/; revision=142421
* | | Update list of files to remove prior to import of OpenSSL 0.9.7e.Jacques Vidrine2005-02-251-0/+7
| | | | | | | | | | | | Notes: svn path=/head/; revision=142423
* | | This commit was generated by cvs2svn to compensate for changes in r142421,Jacques Vidrine2005-02-251-66/+0
| | | | | | | | | | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches. Notes: svn path=/head/; revision=142422
* | | This commit was generated by cvs2svn to compensate for changes in r142403,Jacques Vidrine2005-02-2489-9356/+8999
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches. Notes: svn path=/head/; revision=142404
| * | | Vendor import of Heimdal 0.6.3.vendor/heimdal/0.6.3Jacques Vidrine2005-02-2489-9356/+8999
| | | | | | | | | | | | | | | | | | | | Notes: svn path=/vendor-crypto/heimdal/dist/; revision=142403 svn path=/vendor-crypto/heimdal/0.6.3/; revision=142405; tag=vendor/heimdal/0.6.3
| * | | Remove lib/kdfs from vendor branch: we do not build it, and it will notJacques Vidrine2005-02-244-1119/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | be included in future imports. Notes: svn path=/vendor-crypto/heimdal/dist/; revision=142401
| * | | Clean up the Heimdal vendor branch by removing files not included inJacques Vidrine2005-02-24383-227627/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | any import for several years. If memory serves, this was Suggested by: ru an awfully long time ago-- sorry for the delay! Notes: svn path=/vendor-crypto/heimdal/dist/; revision=142400
* | | | Do not include lib/kdfs in future imports.Jacques Vidrine2005-02-241-0/+1
| | | | | | | | | | | | | | | | Notes: svn path=/head/; revision=142402
* | | | Better Xlist command line.Dag-Erling Smørgrav2004-10-281-2/+2
| | | | | | | | | | | | | | | | Notes: svn path=/head/; revision=137020
* | | | Resolve conflictsDag-Erling Smørgrav2004-10-28100-5668/+1851
| | | | | | | | | | | | | | | | Notes: svn path=/head/; revision=137019
* | | | This commit was generated by cvs2svn to compensate for changes in r137015,Dag-Erling Smørgrav2004-10-2880-716/+3430
|\ \ \ \ | | |_|/ | |/| | | | | | | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches. Notes: svn path=/head/; revision=137016
| * | | Vendor import of OpenSSH 3.9p1.Dag-Erling Smørgrav2004-10-28135-1346/+5241
| | | | | | | | | | | | | | | | Notes: svn path=/vendor-crypto/openssh/dist/; revision=137015
* | | | These are unnecessary and have been causing imp@ trouble.Dag-Erling Smørgrav2004-10-273-27/+0
| | | | | | | | | | | | | | | | Notes: svn path=/head/; revision=136998
* | | | Add support for C3 Nehemiah ACE ("Padlock") AES crypto. This comesMark Murray2004-08-142-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | from OpenSSL 0.9.5 (yet to be released), and is pretty complete. Notes: svn path=/head/; revision=133718
generated by cgit v1.3 (git 2.53.0) at 2026-05-08 20:55:45 +0000