Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
3cbb15ee
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
8
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
3cbb15ee
编写于
6月 01, 2010
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
add CVE-2010-0742 and CVS-2010-1633 fixes
上级
2d060267
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
16 addition
and
2 deletion
+16
-2
CHANGES
CHANGES
+10
-0
NEWS
NEWS
+2
-0
crypto/cms/cms_asn1.c
crypto/cms/cms_asn1.c
+2
-2
crypto/rsa/rsa_pmeth.c
crypto/rsa/rsa_pmeth.c
+2
-0
未找到文件。
CHANGES
浏览文件 @
3cbb15ee
...
...
@@ -103,6 +103,12 @@
is enable if DEBUG_UNUSED is set. Add to several functions in evp.h
whose return value is often ignored.
[Steve Henson]
Changes between 1.0.0 and 1.0.0a [xx XXX xxxx]
*) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
(CVE-2010-1633)
[Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
Changes between 0.9.8n and 1.0.0 [xx XXX xxxx]
...
...
@@ -947,6 +953,10 @@
Changes between 0.9.8n and 0.9.8o [xx XXX xxxx]
*) Correct a typo in the CMS ASN1 module which can result in invalid memory
access or freeing data twice (CVE-2010-0742)
[Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]
*) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
common in certificates and some applications which only call
SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
...
...
NEWS
浏览文件 @
3cbb15ee
...
...
@@ -7,6 +7,7 @@
Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a:
o Fix for security issue CVE-2010-1633.
o GOST MAC and CFB fixes.
Major changes between OpenSSL 0.9.8n and OpenSSL 1.0:
...
...
@@ -34,6 +35,7 @@
Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o:
o Fix for security issue CVE-2010-0742.
o Various DTLS fixes.
o Recognise SHA2 certificates if only SSL algorithms added.
o Fix for no-rc4 compilation.
...
...
crypto/cms/cms_asn1.c
浏览文件 @
3cbb15ee
...
...
@@ -131,8 +131,8 @@ ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
}
ASN1_NDEF_SEQUENCE_END
(
CMS_SignedData
)
ASN1_SEQUENCE
(
CMS_OriginatorInfo
)
=
{
ASN1_IMP_SET_OF_OPT
(
CMS_
SignedData
,
certificates
,
CMS_CertificateChoices
,
0
),
ASN1_IMP_SET_OF_OPT
(
CMS_
SignedData
,
crls
,
CMS_RevocationInfoChoice
,
1
)
ASN1_IMP_SET_OF_OPT
(
CMS_
OriginatorInfo
,
certificates
,
CMS_CertificateChoices
,
0
),
ASN1_IMP_SET_OF_OPT
(
CMS_
OriginatorInfo
,
crls
,
CMS_RevocationInfoChoice
,
1
)
}
ASN1_SEQUENCE_END
(
CMS_OriginatorInfo
)
ASN1_NDEF_SEQUENCE
(
CMS_EncryptedContentInfo
)
=
{
...
...
crypto/rsa/rsa_pmeth.c
浏览文件 @
3cbb15ee
...
...
@@ -251,6 +251,8 @@ static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
ret
=
int_rsa_verify
(
EVP_MD_type
(
rctx
->
md
),
NULL
,
0
,
rout
,
&
sltmp
,
sig
,
siglen
,
ctx
->
pkey
->
pkey
.
rsa
);
if
(
ret
<=
0
)
return
0
;
ret
=
sltmp
;
}
else
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录