upgrade to OpenSSL 1.0.2j #1436
Merged
Commits on Sep 22, 2016
-
Updates omnibus-software (and therefore omnibus) to know about new version of OpenSSL. * OCSP Status Request extension unbounded memory growth (CVE-2016-6304) * SSL_peek() hang on empty record (CVE-2016-6305) * SWEET32 Mitigation (CVE-2016-2183) * OOB write in MDC2_Update() (CVE-2016-6303) * Malformed SHA512 ticket DoS (CVE-2016-6302) * OOB write in BN_bn2dec() (CVE-2016-2182) * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) * Pointer arithmetic undefined behaviour (CVE-2016-2177) * Constant time flag not preserved in DSA signing (CVE-2016-2178) * DTLS buffered message DoS (CVE-2016-2179) * DTLS replay protection DoS (CVE-2016-2181) * Certificate message OOB reads (CVE-2016-6306) * Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307) * Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308) https://www.openssl.org/news/secadv/20160922.txt Signed-off-by: Robb Kidd <rkidd@chef.io>
Commits on Sep 27, 2016
-
Update omnibus-software for latest OpenSSL Severity: Moderate * Missing CRL sanity check (CVE-2016-7052) Signed-off-by: Robb Kidd <rkidd@chef.io>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.