- 12 4月, 2023 22 次提交
-
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: Ie496270d939f787d14670a7851dbde783b6a4335
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: I5913041696f769307c08cf87c28ba70e7870465d
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: Iac985d5c82924614240d81262888975e29fcb8f6
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: Ife869932de66a5f0f9e5f4671a7946ac98a08499
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: If65075f86690553d4318c6bc14b7790ec66fca48
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: Ie41407008ba50276a06b3f043b191f73c800b640
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: I8be4f5c60df0ad52e0fc4abbb938f510a0cfffa8
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: I9a08705b953a1efc1eba7532ca883a93c21bed39
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: Ifcfc694b49a61f5e70672e574e868ba0a907f664
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: Id1de7fb5568d390a0ad450481d48bdb78a0f9649
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: I83ec360d829238be6afd3b4f3985d8dceac4888f
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: I67c01812a50086aa0c209d510e17d02ffcc9b4fa
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: I2e04e618c067af3635f1b18076e7817ae0a23557
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: I89fc88a46e22fdc619d1796a09718d89f88857bd
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: Ie105d84584e24b23922d15deb9256b0dac0e8a57
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com> Change-Id: Ia207049b9291a11846e5025cec461e4d76c25699
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
由 code4lala 提交于
add make build_all_generated for linux-aarch64 linux-armv4 linux-x86_64 mingw64, ignore test and doc Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
由 code4lala 提交于
Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
- 31 3月, 2023 1 次提交
-
-
由 openharmony_ci 提交于
Merge pull request !97 from code4lala/fix-CVE-2023-0465-CVE-2023-0466
-
- 29 3月, 2023 4 次提交
-
-
由 openharmony_ci 提交于
Merge pull request !94 from yinchuang/fix_llvm15_openssl
-
由 Tomas Mraz 提交于
The function was incorrectly documented as enabling policy checking. Fixes: CVE-2023-0466 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20564) Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
由 Matt Caswell 提交于
Even though we check the leaf cert to confirm it is valid, we later ignored the invalid flag and did not notice that the leaf cert was bad. Fixes: CVE-2023-0465 Reviewed-by: NHugo Landau <hlandau@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20588) Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
由 yinchuang 提交于
Signed-off-by: Nyinchuang <yinchuang@huawei.com> Change-Id: Ida0b31153d9a59d362a23338a5bf547524ec7dcf
-
- 27 3月, 2023 2 次提交
-
-
由 openharmony_ci 提交于
Merge pull request !92 from code4lala/fix-CVE-2023-0464
-
由 openharmony_ci 提交于
Merge pull request !93 from jiangdi/master
-
- 24 3月, 2023 3 次提交
-
-
由 jiangdi 提交于
Signed-off-by: Njiangdi <jiangdi11@huawei.com>
-
由 jiangdi 提交于
Signed-off-by: Njiangdi <jiangdi11@huawei.com>
-
由 Pauli 提交于
A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Fixes CVE-2023-0464 Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/20569) Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
- 23 3月, 2023 1 次提交
-
-
由 openharmony_ci 提交于
满足合入条件、但并发量过大;需要手动合入!
-
- 06 3月, 2023 1 次提交
-
-
由 guzhihao4 提交于
Issue: #I6ID6E Signed-off-by: Nguzhihao4 <guzhihao4@huawei.com> Change-Id: I4452c47fd141b3f995f9fa212c8590671edd7e74
-
- 10 2月, 2023 6 次提交
-
-
由 openharmony_ci 提交于
Merge pull request !78 from code4lala/master
-
由 code4lala 提交于
add rsa_sup_mul.c from CVE-2022-4304 fix https://github.com/openssl/openssl/commit/43d8f88511991533f53680a751e9326999a6a31fSigned-off-by: Ncode4lala <fengziteng2@huawei.com>
-
由 Matt Caswell 提交于
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. Patch written by Dmitry Belyavsky and Hubert Kario CVE-2022-4304 Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
由 Hugo Landau 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
由 Matt Caswell 提交于
If the aux->asn1_cb() call fails in BIO_new_NDEF then the "out" BIO will be part of an invalid BIO chain. This causes a "use after free" when the BIO is eventually freed. Based on an original patch by Viktor Dukhovni and an idea from Theo Buehler. Thanks to Octavio Galland for reporting this issue. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
由 Matt Caswell 提交于
Call PEM_read_bio_ex() and expect a failure. There should be no dangling ptrs and therefore there should be no double free if we free the ptrs on error. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NHugo Landau <hlandau@openssl.org> Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-