This repository has been archived by the owner on Apr 22, 2023. It is now read-only.

Merge remote-tracking branch 'upstream/v0.10' into v0.12
Conflicts:
	AUTHORS
	ChangeLog
	lib/timers.js
	src/node_version.h
	test/common.js
Julien Gilli committed Jun 22, 2015
2 parents 20d8db1 + 6f8400a commit f50c37d
Showing 226 changed files with 2,818 additions and 941 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ Release/
*.suo
*.vcproj
*.vcxproj
!custom_actions.vcxproj
*.vcxproj.user
*.vcxproj.filters
UpgradeLog*.XML
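Review bot: The new negation `!custom_actions.vcxproj` is unanchored, so it re-includes a file of that name in any directory, not only the one project file it is meant for. Anchoring it with the file's repository-relative path would keep the `*.vcxproj` ignore effective everywhere else, and a one-line comment saying why this project file is tracked while generated ones are ignored would help the next reader.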
Expand Down
3 changes: 3 additions & 0 deletions AUTHORS
Original file line number Diff line number Diff line change
Expand Up @@ -155,6 +155,7 @@ Debjeet Biswas
Denys Zariaiev
Devin Torres
Devon Govett
Dmitri Melikyan
Dmitriy Shalashov
Dmitry Baranovskiy
Dmitry Nizovtsev
Expand Down Expand Up @@ -323,6 +324,7 @@ Joshaven Potter
Joshua Holbrook
Joshua Peek
Joshua S. Weinstein
João Reis
Ju-yeong Park
Juanjo
Julian Gruber
Expand All @@ -339,6 +341,7 @@ Kai Sasaki Lewuathe
Kang-Hao Kenny
Karl Guertin
Karl Skomski
Kat Marchán
Kazuyuki Yamada
Keith M Wesolowski
Kelly Gerber
Expand Down
15 changes: 14 additions & 1 deletion ChangeLog
Original file line number Diff line number Diff line change
Expand Up @@ -1032,7 +1032,20 @@
* console: `console.dir()` bypasses inspect() methods (Nathan Rajlich)


2015.03.23, Version 0.10.38 (Maintenance)
2015.06.18, Version 0.10.39 (Maintenance)

* openssl: upgrade to 1.0.1o (Addressing multiple CVEs)

* install: fix source path for openssl headers (Oguz Bastemur)

* install: make sure opensslconf.h is overwritten (Oguz Bastemur)

* timers: fix timeout when added in timer's callback (Julien Gilli)

* windows: broadcast WM_SETTINGCHANGE after install (Mathias Küsel)


2015.03.23, Version 0.10.38 (Maintenance), 0b5731a63cc40c4fe9275c79158fe0a5dd4d1609

* openssl: upgrade to 1.0.1m (Addressing multiple CVEs)

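Review bot: The 0.10.39 entry `* openssl: upgrade to 1.0.1o (Addressing multiple CVEs)` does not name the CVEs, although the vendored CHANGES and NEWS files in this same commit list them (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792). Listing the identifiers here lets someone triaging an advisory confirm coverage from the ChangeLog alone. The new 0.10.39 heading also lacks the commit hash that this hunk adds to the 0.10.38 heading, so the two entries end up in different formats; worth adding once the hash is known.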
Expand Down
77 changes: 77 additions & 0 deletions deps/openssl/openssl/CHANGES
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,83 @@
OpenSSL CHANGES
_______________

Changes between 1.0.1n and 1.0.1o [12 Jun 2015]

*) Fix HMAC ABI incompatibility. The previous version introduced an ABI
incompatibility in the handling of HMAC. The previous ABI has now been
restored.

Changes between 1.0.1m and 1.0.1n [11 Jun 2015]

*) Malformed ECParameters causes infinite loop

When processing an ECParameters structure OpenSSL enters an infinite loop
if the curve specified is over a specially malformed binary polynomial
field.

This can be used to perform denial of service against any
system which processes public keys, certificate requests or
certificates. This includes TLS clients and TLS servers with
client authentication enabled.

This issue was reported to OpenSSL by Joseph Barr-Pixton.
(CVE-2015-1788)
[Andy Polyakov]

*) Exploitable out-of-bounds read in X509_cmp_time

X509_cmp_time does not properly check the length of the ASN1_TIME
string and can read a few bytes out of bounds. In addition,
X509_cmp_time accepts an arbitrary number of fractional seconds in the
time string.

An attacker can use this to craft malformed certificates and CRLs of
various sizes and potentially cause a segmentation fault, resulting in
a DoS on applications that verify certificates or CRLs. TLS clients
that verify CRLs are affected. TLS clients and servers with client
authentication enabled may be affected if they use custom verification
callbacks.

This issue was reported to OpenSSL by Robert Swiecki (Google), and
independently by Hanno B�ck.
(CVE-2015-1789)
[Emilia K�sper]

*) PKCS7 crash with missing EnvelopedContent

The PKCS#7 parsing code does not handle missing inner EncryptedContent
correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs
with missing content and trigger a NULL pointer dereference on parsing.

Applications that decrypt PKCS#7 data or otherwise parse PKCS#7
structures from untrusted sources are affected. OpenSSL clients and
servers are not affected.

This issue was reported to OpenSSL by Michal Zalewski (Google).
(CVE-2015-1790)
[Emilia K�sper]

*) CMS verify infinite loop with unknown hash function

When verifying a signedData message the CMS code can enter an infinite loop
if presented with an unknown hash function OID. This can be used to perform
denial of service against any system which verifies signedData messages using
the CMS code.
This issue was reported to OpenSSL by Johannes Bauer.
(CVE-2015-1792)
[Stephen Henson]

*) Race condition handling NewSessionTicket

If a NewSessionTicket is received by a multi-threaded client when attempting to
reuse a previous ticket then a race condition can occur potentially leading to
a double free of the ticket data.
(CVE-2015-1791)
[Matt Caswell]

*) Reject DH handshakes with parameters shorter than 768 bits.
[Kurt Roeckx and Emilia Kasper]

Changes between 1.0.1l and 1.0.1m [19 Mar 2015]

*) Segmentation fault in ASN1_TYPE_cmp fix
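Review bot: The last 1.0.1n item, `Reject DH handshakes with parameters shorter than 768 bits`, is a behaviour change rather than a crash fix, and unlike the entries above it carries no CVE id and no description of who is affected. Because it makes the library refuse handshakes it previously accepted, it deserves its own line in the release notes for this merge instead of being folded into "Addressing multiple CVEs", stating that peers offering DH parameters below 768 bits are now rejected.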
Expand Down
10 changes: 5 additions & 5 deletions deps/openssl/openssl/Configure
Original file line number Diff line number Diff line change
Expand Up @@ -230,12 +230,12 @@ my %table=(

#### SPARC Solaris with GNU C setups
"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-sparcv8-gcc","gcc:-mcpu=v8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
####
"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=v8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

#### SPARC Solaris with Sun C setups
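Review bot: The `-mv8` to `-mcpu=v8` replacement in the `solaris-sparcv8-gcc` and `debug-solaris-sparcv8-gcc` entries arrives without a comment or a CHANGES item explaining it, while the neighbouring `-m32` line does carry a rationale comment. A short comment naming the compiler constraint behind the new spelling would make the intent reviewable. Please also confirm no `-mv8` target is left in the table; this diff updates five entries across its hunks (`solaris-sparcv8-gcc`, `debug-solaris-sparcv8-gcc`, `sunos-gcc`, `linux-sparcv8`, `BSD-sparcv8`).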
Expand All @@ -252,7 +252,7 @@ my %table=(

#### SunOS configs, assuming sparc for the gcc one.
#"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::",
"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::",
"sunos-gcc","gcc:-O3 -mcpu=v8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::",

#### IRIX 5.x configs
# -mips2 flag is added by ./config when appropriate.
Expand Down Expand Up @@ -379,7 +379,7 @@ my %table=(
#### SPARC Linux setups
# Ray Miller <[email protected]> has patiently
# assisted with debugging of following two configs.
"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-sparcv8","gcc:-mcpu=v8 -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# it's a real mess with -mcpu=ultrasparc option under Linux, but
# -Wa,-Av8plus should do the trick no matter what.
"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
Expand Down Expand Up @@ -413,7 +413,7 @@ my %table=(
"BSD-x86", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-sparcv8", "gcc:-DB_ENDIAN -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-sparcv8", "gcc:-DB_ENDIAN -O3 -mcpu=v8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

"BSD-generic64","gcc:-O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# -DMD32_REG_T=int doesn't actually belong in sparc64 target, it
Expand Down
28 changes: 9 additions & 19 deletions deps/openssl/openssl/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
## Makefile for OpenSSL
##

VERSION=1.0.1m
VERSION=1.0.1o
MAJOR=1
MINOR=0.1
SHLIB_VERSION_NUMBER=1.0.0
Expand Down Expand Up @@ -186,7 +186,7 @@ WTARFILE= $(NAME)-win.tar
EXHEADER= e_os2.h
HEADER= e_os.h

all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
all: Makefile build_all

# as we stick to -e, CLEARENV ensures that local variables in lower
# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
Expand Down Expand Up @@ -272,7 +272,10 @@ reflect:
sub_all: build_all
build_all: build_libs build_apps build_tests build_tools

build_libs: build_crypto build_ssl build_engines
build_libs: build_libcrypto build_libssl openssl.pc

build_libcrypto: build_crypto build_engines libcrypto.pc
build_libssl: build_ssl libssl.pc

build_crypto:
@dir=crypto; target=all; $(BUILD_ONE_CMD)
Expand Down Expand Up @@ -461,6 +464,9 @@ tests: rehash
report:
@$(PERL) util/selftest.pl

update: errors stacks util/libeay.num util/ssleay.num TABLE
@set -e; target=update; $(RECURSIVE_BUILD_CMD)

depend:
@set -e; target=depend; $(RECURSIVE_BUILD_CMD)

Expand All @@ -485,26 +491,10 @@ util/libeay.num::
util/ssleay.num::
$(PERL) util/mkdef.pl ssl update

crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
$(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
$(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
crypto/objects/obj_xref.h: crypto/objects/objxref.pl crypto/objects/obj_xref.txt crypto/objects/obj_mac.num
$(PERL) crypto/objects/objxref.pl crypto/objects/obj_mac.num crypto/objects/obj_xref.txt >crypto/objects/obj_xref.h

apps/openssl-vms.cnf: apps/openssl.cnf
$(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf

crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
$(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h


TABLE: Configure
(echo 'Output of `Configure TABLE'"':"; \
$(PERL) Configure TABLE) > TABLE

update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h crypto/objects/obj_xref.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend

# Build distribution tar-file. As the list of files returned by "find" is
# pretty long, on several platforms a "too many arguments" error or similar
# would occur. Therefore the list of files is temporarily stored into a file
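Review bot: The explicit top-level rules for `crypto/objects/obj_dat.h`, `crypto/objects/obj_mac.h`, `crypto/objects/obj_xref.h`, `apps/openssl-vms.cnf` and `crypto/bn/bn_prime.h` are removed here, and the replacement `update` target added earlier in this file no longer lists them or `depend` as prerequisites, relying on `target=update; $(RECURSIVE_BUILD_CMD)` instead. Nothing visible in this diff shows the sub-directory Makefiles gaining matching `update` rules, so please confirm they exist; otherwise `make update` will quietly stop regenerating these files.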
Expand Down
28 changes: 9 additions & 19 deletions deps/openssl/openssl/Makefile.bak
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
## Makefile for OpenSSL
##

VERSION=1.0.1m-dev
VERSION=1.0.1o-dev
MAJOR=1
MINOR=0.1
SHLIB_VERSION_NUMBER=1.0.0
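Review bot: `VERSION=1.0.1o-dev` in this checked-in backup disagrees with `VERSION=1.0.1o` in the Makefile updated by the same commit, so the tree carries two different version strings for the bundled OpenSSL. A `.bak` copy that mirrors every Makefile hunk looks like a generated leftover; consider dropping it from the vendored tree, or ignoring it, so anyone auditing which OpenSSL release is bundled has one authoritative value to read.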
Expand Down Expand Up @@ -186,7 +186,7 @@ WTARFILE= $(NAME)-win.tar
EXHEADER= e_os2.h
HEADER= e_os.h

all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
all: Makefile build_all

# as we stick to -e, CLEARENV ensures that local variables in lower
# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
Expand Down Expand Up @@ -272,7 +272,10 @@ reflect:
sub_all: build_all
build_all: build_libs build_apps build_tests build_tools

build_libs: build_crypto build_ssl build_engines
build_libs: build_libcrypto build_libssl openssl.pc

build_libcrypto: build_crypto build_engines libcrypto.pc
build_libssl: build_ssl libssl.pc

build_crypto:
@dir=crypto; target=all; $(BUILD_ONE_CMD)
Expand Down Expand Up @@ -461,6 +464,9 @@ tests: rehash
report:
@$(PERL) util/selftest.pl

update: errors stacks util/libeay.num util/ssleay.num TABLE
@set -e; target=update; $(RECURSIVE_BUILD_CMD)

depend:
@set -e; target=depend; $(RECURSIVE_BUILD_CMD)

Expand All @@ -485,26 +491,10 @@ util/libeay.num::
util/ssleay.num::
$(PERL) util/mkdef.pl ssl update

crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
$(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
$(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
crypto/objects/obj_xref.h: crypto/objects/objxref.pl crypto/objects/obj_xref.txt crypto/objects/obj_mac.num
$(PERL) crypto/objects/objxref.pl crypto/objects/obj_mac.num crypto/objects/obj_xref.txt >crypto/objects/obj_xref.h

apps/openssl-vms.cnf: apps/openssl.cnf
$(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf

crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
$(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h


TABLE: Configure
(echo 'Output of `Configure TABLE'"':"; \
$(PERL) Configure TABLE) > TABLE

update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h crypto/objects/obj_xref.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend

# Build distribution tar-file. As the list of files returned by "find" is
# pretty long, on several platforms a "too many arguments" error or similar
# would occur. Therefore the list of files is temporarily stored into a file
Expand Down
26 changes: 8 additions & 18 deletions deps/openssl/openssl/Makefile.org
Original file line number Diff line number Diff line change
Expand Up @@ -184,7 +184,7 @@ WTARFILE= $(NAME)-win.tar
EXHEADER= e_os2.h
HEADER= e_os.h

all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
all: Makefile build_all

# as we stick to -e, CLEARENV ensures that local variables in lower
# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
Expand Down Expand Up @@ -270,7 +270,10 @@ reflect:
sub_all: build_all
build_all: build_libs build_apps build_tests build_tools

build_libs: build_crypto build_ssl build_engines
build_libs: build_libcrypto build_libssl openssl.pc

build_libcrypto: build_crypto build_engines libcrypto.pc
build_libssl: build_ssl libssl.pc

build_crypto:
@dir=crypto; target=all; $(BUILD_ONE_CMD)
Expand Down Expand Up @@ -459,6 +462,9 @@ tests: rehash
report:
@$(PERL) util/selftest.pl

update: errors stacks util/libeay.num util/ssleay.num TABLE
@set -e; target=update; $(RECURSIVE_BUILD_CMD)

depend:
@set -e; target=depend; $(RECURSIVE_BUILD_CMD)

Expand All @@ -483,26 +489,10 @@ util/libeay.num::
util/ssleay.num::
$(PERL) util/mkdef.pl ssl update

crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
$(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
$(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
crypto/objects/obj_xref.h: crypto/objects/objxref.pl crypto/objects/obj_xref.txt crypto/objects/obj_mac.num
$(PERL) crypto/objects/objxref.pl crypto/objects/obj_mac.num crypto/objects/obj_xref.txt >crypto/objects/obj_xref.h

apps/openssl-vms.cnf: apps/openssl.cnf
$(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf

crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
$(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h


TABLE: Configure
(echo 'Output of `Configure TABLE'"':"; \
$(PERL) Configure TABLE) > TABLE

update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h crypto/objects/obj_xref.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend

# Build distribution tar-file. As the list of files returned by "find" is
# pretty long, on several platforms a "too many arguments" error or similar
# would occur. Therefore the list of files is temporarily stored into a file
Expand Down
12 changes: 12 additions & 0 deletions deps/openssl/openssl/NEWS
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,18 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.

Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015]

o Fix HMAC ABI incompatibility

Major changes between OpenSSL 1.0.1m and OpenSSL 1.0.1n [11 Jun 2015]

o Malformed ECParameters causes infinite loop (CVE-2015-1788)
o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
o CMS verify infinite loop with unknown hash function (CVE-2015-1792)
o Race condition handling NewSessionTicket (CVE-2015-1791)

Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.1m [19 Mar 2015]

o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286)
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/README
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@

OpenSSL 1.0.1m 19 Mar 2015
OpenSSL 1.0.1o 12 Jun 2015

Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Expand Down