boringssl

kris/boringssl

Fork 0

Commit Graph

Author	SHA1	Message	Date
Adam Langley	f10a63b050	Typo: set i to -1 before goto. PR#3302 (Imported from upstream's 646886682373e76dee233f7b918dec0c83e180fc)	2014-06-20 13:17:41 -07:00
Adam Langley	56475207be	Add heartbeat extension bounds check. A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server. Thanks for Neel Mehta of Google Security for discovering this bug and to Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for preparing the fix (CVE-2014-0160) (Imported from upstream's 7e840163c06c7692b796a93e3fa85a93136adbb2)	2014-06-20 13:17:39 -07:00
Adam Langley	95c29f3cd1	Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)	2014-06-20 13:17:32 -07:00

Author

SHA1

Message

Date

Adam Langley

f10a63b050

Typo: set i to -1 before goto.

PR#3302

(Imported from upstream's 646886682373e76dee233f7b918dec0c83e180fc)

2014-06-20 13:17:41 -07:00

Adam Langley

56475207be

Add heartbeat extension bounds check.

A missing bounds check in the handling of the TLS heartbeat extension
can be used to reveal up to 64k of memory to a connected client or
server.

Thanks for Neel Mehta of Google Security for discovering this bug and to
Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
preparing the fix (CVE-2014-0160)

(Imported from upstream's 7e840163c06c7692b796a93e3fa85a93136adbb2)

2014-06-20 13:17:39 -07:00

Adam Langley

95c29f3cd1

Inital import.

Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta).

(This change contains substantial changes from the original and
effectively starts a new history.)

2014-06-20 13:17:32 -07:00

1 2

53 Commits