Return to 68.html CVS log | Up to [local] / www |
version 1.58, 2020/10/08 15:41:27 | version 1.59, 2020/10/08 15:48:14 | ||
---|---|---|---|
|
|
||
<li>Move state initialization from <a href="https://man.openbsd.org/SSL_clear">SSL_clear(3)</a> to ssl3_clear() to ensure that it gets correctly reinitialized across a <a href="https://man.openbsd.org/SSL_set_ssl_method">SSL_set_ssl_method(3)</a> call. | <li>Move state initialization from <a href="https://man.openbsd.org/SSL_clear">SSL_clear(3)</a> to ssl3_clear() to ensure that it gets correctly reinitialized across a <a href="https://man.openbsd.org/SSL_set_ssl_method">SSL_set_ssl_method(3)</a> call. | ||
<li>Add a custom copy handler for AES keywrap to fix a use-after-free. | <li>Add a custom copy handler for AES keywrap to fix a use-after-free. | ||
<li>Avoid an out-of-bounds write in <a href="https://man.openbsd.org/BN_rand">BN_rand(3)</a>. | <li>Avoid an out-of-bounds write in <a href="https://man.openbsd.org/BN_rand">BN_rand(3)</a>. | ||
<li>Fix numerous leaks in the UI_dup_* functions. Simplify and tidy up the code in ui_lib.c. | <li>Fix numerous leaks in the <a href="https://man.openbsd.org/UI_new">UI_dup_*(3)</a> functions. Simplify and tidy up the code in ui_lib.c. | ||
<li>Correctly track selected ALPN length to avoid a potential segmentation fault with <a href="https://man.openbsd.org/SSL_get0_alpn_selected">SSL_get0_alpn_selected(3)</a> when alpn_selected is NULL. | <li>Correctly track selected ALPN length to avoid a potential segmentation fault with <a href="https://man.openbsd.org/SSL_get0_alpn_selected">SSL_get0_alpn_selected(3)</a> when alpn_selected is NULL. | ||
<li>Include machine/endian.h gost2814789.c in order to pick up the __STRICT_ALIGNMENT define. | <li>Include machine/endian.h gost2814789.c in order to pick up the __STRICT_ALIGNMENT define. | ||
<li>Correctly handle ssl_cert_dup() failure in <a href="https://man.openbsd.org/SSL_set_SSL_CTX">SSL_set_SSL_CTX(3)</a>. | <li>Correctly handle ssl_cert_dup() failure in <a href="https://man.openbsd.org/SSL_set_SSL_CTX">SSL_set_SSL_CTX(3)</a>. |