webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-11 11:35:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
8,015 Commits 2 Branches 1 Tag
4e9a2b57320fc17a2eaee06b60ee508ec79e59b0
Commit Graph

37 Commits

Author SHA1 Message Date
Arne Fitzenreiter
5eee265477 openssl: security update to 1.0.1h. 2014-06-06 17:26:14 +02:00
Arne Fitzenreiter
b1f11b0402 openssl: update to 1.0.1g. 
Fix for CVE-2014-0160
Add TLS padding extension workaround for broken servers.
Fix for CVE-2014-0076
 2014-04-07 21:33:34 +02:00
Michael Tremer
3bdc1a4e42 openssl: Update to 1.0.1f. 2014-01-06 19:10:27 +01:00
Michael Tremer
33c4c29b5e openssl: Don't propose too weak ciphers. 2013-12-29 20:46:41 +01:00
Erik Kapfer
0f90adc0aa openssl: Update to 1.0.1e. 
Contains also the old openssl-0.9.8 libs for compatibility purposes.
 2013-12-25 20:42:17 +01:00
Michael Tremer
7a26d28aa4 openssl: Update to 0.9.8y. 
Fixes the "Lucky Thirteen" issue: http://www.isg.rhul.ac.uk/tls/
also known as CVE-2013-0169

http://www.openssl.org/news/secadv_20130205.txt
 2013-02-05 19:01:11 +01:00
Arne Fitzenreiter
423d77a71f openssl: security update to 0.9.8x (CVE-2012-2333). 
Invalid TLS/DTLS record attack (CVE-2012-2333)
===============================================

A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1, 1.2 and
DTLS can be exploited in a denial of service attack on both clients and
servers.

DTLS applications are affected in all versions of OpenSSL. TLS is only
affected in OpenSSL 1.0.1 and later.

Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing
as a service testing platform.

The fix was developed by Stephen Henson of the OpenSSL core team.

Affected users should upgrade to OpenSSL 1.0.1c, 1.0.0j or 0.9.8x

References
==========

URL for this Security Advisory:
http://www.openssl.org/news/secadv_20120510.txt
 2012-05-12 15:30:38 +02:00
Arne Fitzenreiter
8f17b54f96 openssl: security update to 0.9.8w. (CVE-2012-2131). 
SN1 BIO incomplete fix (CVE-2012-2131)
=======================================

It was discovered that the fix for CVE-2012-2110 released on 19 Apr
2012 was not sufficient to correct the issue for OpenSSL 0.9.8.

Please see http://www.openssl.org/news/secadv_20120419.txt for details
of that vulnerability.

This issue only affects OpenSSL 0.9.8v.  OpenSSL 1.0.1a and 1.0.0i
already contain a patch sufficient to correct CVE-2012-2110.

Thanks to Red Hat for discovering and fixing this issue.

Affected users should upgrade to 0.9.8w.

References
==========

URL for this Security Advisory:
http://www.openssl.org/news/secadv_20120424.txt
 2012-05-02 19:42:02 +02:00
Arne Fitzenreiter
9b33fb7e82 openssl: fix aes accleration via cryptodev. 2012-04-06 13:59:45 +02:00
Arne Fitzenreiter
d5e982c11b openssl: update to 0.9.8u. 2012-03-13 21:16:25 +01:00
Arne Fitzenreiter
6333b4e725 openssl: security update to 0.9.8t. 
prevent DTLS DoS attak (CVE-2012-0050)
 2012-01-19 21:39:58 +01:00
Arne Fitzenreiter
5d098ffb5a openssl: security update to 0.9.8s. 
DTLS Plaintext Recovery Attack (CVE-2011-4108)
Double-free in Policy Checks (CVE-2011-4109)
Uninitialized SSL 3.0 Padding (CVE-2011-4576)
Malformed RFC 3779 Data Can Cause Assertion Failures (CVE-2011-4577)
Affected users should upgrade to OpenSSL 1.0.0f or 0.9.8s.
SGC Restart DoS Attack (CVE-2011-4619)

http://www.openssl.org/news/secadv_20120104.txt
 2012-01-05 14:31:26 +01:00
Arne Fitzenreiter
55b4b3c924 Update openssl (0.9.8r). 2011-02-08 22:14:41 +01:00
Arne Fitzenreiter
20651e22d4 Openssl security update (0.9.8q). 2010-12-03 10:44:12 +01:00
Arne Fitzenreiter
296e037fb1 Fix openssl version number. 2010-11-16 23:27:19 +01:00
Arne Fitzenreiter
3d2477d7c7 Updated openssl (0.9.8p). 2010-11-16 22:26:36 +01:00
Michael Tremer
fea98bc53e openssl: Update to 0.9.8o. 2010-06-01 23:55:12 +02:00
Arne Fitzenreiter
071084a99e Updated openssl cryptodev patch. 2010-03-30 08:29:28 +02:00
Arne Fitzenreiter
65b3841a8f Updated openssl (0.9.8n). 
Conflicts:

	doc/packages-list.txt
 2010-03-30 07:57:02 +02:00
Michael Tremer
ffd87fbafc openssl: Fix compilation of openssl. 2010-03-11 17:05:05 +01:00
Michael Tremer
fb25052fb3 Add cryptodev support to kernel. 2010-03-10 00:18:18 +01:00
Arne Fitzenreiter
a5420c0edb Updated openssl (0.9.8m). 2010-03-09 20:37:12 +01:00
Arne Fitzenreiter
2a831ad019 Updated openssl (0.9.8l). 2010-01-24 16:03:05 +01:00
Arne Fitzenreiter
008dccfd9d Update openssl to 0.9.8k 2009-03-27 11:21:30 +01:00
maniacikarus
305e18807a Updated openssl to current stable 2009-01-19 22:30:42 +01:00
Maniacikarus
027306bfe5 Some Final Upgrade before RC just to have latests bugfixes 2008-10-19 16:52:47 +02:00
Christian Schmidt
f24c9564f0 Update samba and collectd to current versions 
Included padlock patches for openssh and openssl not yet included in make
 2008-05-24 13:12:04 +02:00
ms
2c42fe6ada A small number of buildfixes by Maniac. 
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@999 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-10-26 14:02:15 +00:00
maniacikarus
3d1f6a3556 Update mldonkey openssh openssl ntfs-3g nfs and hdparm 
Change samba default config
Some fixes for mpfire


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@998 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-10-25 08:51:31 +00:00
ms
70df830214 Ein Paar Dateien fuer die GPLv3 angepasst. 
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@853 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-08-29 13:25:32 +00:00
ms
290987781e Rollback des SSL, weils nen netten Fehler mit dem SSH gibt. 
Und noch das komische resetusb geloescht, was keine Funktion mehr besitzt.


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@686 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-07-14 20:45:36 +00:00
ms
8f7b33eaa4 OpenSSL-Update 
Light-Version gekillt.


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@669 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-07-09 22:57:32 +00:00
ms
411afd1f4b Zwischencommit fuer LFS. 
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@320 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-10-13 15:35:24 +00:00
ms
6b8cff4166 Zwischencommit fuer LFS. 
EXPERIMENTELLE KERNEL-KONFIGURATION.


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@317 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-10-12 20:44:44 +00:00
ms
90c973a6a7 Hinzugefuegt: 
* Konfiguration fuer Apache2
Kernelupgrade auf 2.4.33.3
Syslinux-Upgrade
Gefixt:
  * /tmp/ROOTFILES hat nichts in der ISO zu suchen.
  * Fehler im Installer wegen Apache2.


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@283 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-09-18 19:05:20 +00:00
ms
50f9633488 Geaendert: 
* OpenSSL-Update wegen Sicherheitluecke.
  * Mache ROOTFILES passend um weniger zu aendern bei Kernelupdate.

git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@275 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-09-12 20:23:29 +00:00
ipfire
cd1a292722 git-svn-id: http://svn.ipfire.org/svn/ipfire/IPFire/source@16 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8 2006-02-15 21:15:54 +00:00