www/68.html - diff

Return to 68.html CVS log

Up to [local] / www

version 1.58, 2020/10/08 15:41:27

version 1.59, 2020/10/08 15:48:14

Line 547

<li>Move state initialization from <a href="https://man.openbsd.org/SSL_clear">SSL_clear(3)</a> to ssl3_clear() to ensure that it gets correctly reinitialized across a <a href="https://man.openbsd.org/SSL_set_ssl_method">SSL_set_ssl_method(3)</a> call.

<li>Add a custom copy handler for AES keywrap to fix a use-after-free.

<li>Avoid an out-of-bounds write in <a href="https://man.openbsd.org/BN_rand">BN_rand(3)</a>.

<li>Fix numerous leaks in the UI_dup_* functions. Simplify and tidy up the code in ui_lib.c.

<li>Fix numerous leaks in the <a href="https://man.openbsd.org/UI_new">UI_dup_*(3)</a> functions. Simplify and tidy up the code in ui_lib.c.

<li>Correctly track selected ALPN length to avoid a potential segmentation fault with <a href="https://man.openbsd.org/SSL_get0_alpn_selected">SSL_get0_alpn_selected(3)</a> when alpn_selected is NULL.

<li>Include machine/endian.h gost2814789.c in order to pick up the __STRICT_ALIGNMENT define.

<li>Correctly handle ssl_cert_dup() failure in <a href="https://man.openbsd.org/SSL_set_SSL_CTX">SSL_set_SSL_CTX(3)</a>.