|
Revision tags: php-5.5.0RC3, php-5.3.26, php-5.4.16, php-5.5.0RC2, php-5.3.26RC1, php-5.4.16RC1, php-5.5.0RC1, php-5.3.25, php-5.4.15, php-5.3.25RC1, php-5.5.0beta4, php-5.4.15RC1, php-5.4.14, php-5.3.24, php-5.5.0beta3, php-5.3.24RC1, php-5.4.14RC1, php-5.5.0beta2, php-5.5.0beta1, php-5.3.23, php-5.4.13, php-5.5.0alpha6, php-5.3.23RC1, php-5.4.13RC1, php-5.3.22, php-5.5.0alpha5, php-5.4.12, php-5.3.22RC2, php-5.4.12RC2, php-5.3.22RC1 |
|
| #
836a2b11 |
| 30-Jan-2013 |
Lars Strojny |
NEWS entry new OpenSSL option [doc]
|
| #
4a01ddfb |
| 30-Jan-2013 |
Daniel Lowrey |
Added ssl context option, "disable_compression"
The CRIME attack vector exploits TLS compression. This patch adds a stream context option
allowing servers to disable TLS compression for
Added ssl context option, "disable_compression"
The CRIME attack vector exploits TLS compression. This patch adds a stream context option
allowing servers to disable TLS compression for versions of OpenSSL >= 1.0.0 (which first
introduced the SSL_OP_NO_COMPRESSION option). A summary rundown of the CRIME attack can
be found at https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls
Thanks to @DaveRandom for pointing out the relevant section of code.
show more ...
|
|
Revision tags: php-5.4.12RC1, php-5.5.0alpha4, php-5.3.21, php-5.4.11, php-5.5.0alpha3, php-5.3.21RC1, php-5.4.11RC1 |
|
| #
a666285b |
| 01-Jan-2013 |
Xinchen Hui |
Happy New Year
|
| #
0a7395e0 |
| 01-Jan-2013 |
Xinchen Hui |
Happy New Year
|
| #
a2045ff3 |
| 01-Jan-2013 |
Xinchen Hui |
Happy New Year~
|
|
Revision tags: php-5.3.20, php-5.4.10, php-5.5.0alpha2, php-5.3.20RC1, php-5.4.10RC1, php-5.3.19, php-5.4.9, php-5.5.0alpha1, php-5.3.19RC1, php-5.4.9RC1, php-5.3.18, php-5.4.8, php-5.3.18RC1, php-5.4.8RC1, php-5.3.17, php-5.4.7, php-5.4.7RC1, php-5.3.16, php-5.4.6, php-5.4.6RC1, php-5.4.5, php-5.3.15, php-5.3.15RC1, php-5.4.5RC1, php-5.3.14, php-5.4.4, php-5.3.14RC2, php-5.4.4RC2, php-5.3.14RC1, php-5.4.4RC1, php-5.3.13, php-5.4.3, php-5.4.2, php-5.3.12, php-5.3.11, php-5.4.1, php-5.3.11RC2, php-5.4.1RC2, php-5.3.11RC1, php-5.4.1RC1, PHP-5.4.1-RC1, php-5.4.0, php-5.4.0RC8, php-5.3.10, php-5.4.0RC7 |
|
| #
398c6e6d |
| 26-Jan-2012 |
Scott MacVicar |
MFH r322485
Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
CVE-2011-3389
|
| #
96aa2eb2 |
| 20-Jan-2012 |
Scott MacVicar |
Fix CVE-2011-3389. Possible attack on CBC mode with TLS 1.0.
See http://www.openssl.org/~bodo/tls-cbc.txt
The biggest reason for this mode being in SSL_OP_ALL was older versions
Fix CVE-2011-3389. Possible attack on CBC mode with TLS 1.0.
See http://www.openssl.org/~bodo/tls-cbc.txt
The biggest reason for this mode being in SSL_OP_ALL was older versions
of IE (2002) talking to servers using OpenSSL.
Can hopefully get this into 5.4.
show more ...
|
|
Revision tags: php-5.4.0RC6, php-5.3.9, php-5.4.0RC5 |
|
| #
e4ca0ed0 |
| 01-Jan-2012 |
Felipe Pena |
- Year++
|
| #
8775a375 |
| 01-Jan-2012 |
Felipe Pena |
- Year++
|
| #
4e198252 |
| 01-Jan-2012 |
Felipe Pena |
- Year++
|
|
Revision tags: php-5.3.9RC4, php-5.4.0RC4, php-5.3.9RC3, php-5.4.0RC3, php-5.3.9RC2, php-5.4.0RC2 |
|
| #
2c970a52 |
| 12-Nov-2011 |
Mateusz Kocielski |
- Fixed NULL pointer dereference in stream_socket_enable_crypto, case when
ssl_handle of session_stream is not initialized.
|
| #
a9482367 |
| 12-Nov-2011 |
Mateusz Kocielski |
- Fixed NULL pointer dereference in stream_socket_enable_crypto, case when
ssl_handle of session_stream is not initialized.
|
| #
aaa59efa |
| 10-Nov-2011 |
Mateusz Kocielski |
Fixed NULL pointer dereference in stream_socket_enable_crypto, case when
ssl_handle of session_stream is not initialized.
|
|
Revision tags: php-5.4.0RC1, php-5.3.9RC1, php-5.4.0beta2 |
|
| #
2f3adeb0 |
| 05-Oct-2011 |
Pierre Joye |
- Revert r313616 (When we have a blocking SSL socket, respect the timeout
option, scottmac)
# This caused bug #55283 and #55848, we should investigate a proper solution without
# b
- Revert r313616 (When we have a blocking SSL socket, respect the timeout
option, scottmac)
# This caused bug #55283 and #55848, we should investigate a proper solution without
# breaking anything.
show more ...
|
| #
abf58318 |
| 05-Oct-2011 |
Pierre Joye |
- Revert r313616 (When we have a blocking SSL socket, respect the timeout
option, scottmac)
# This caused bug #55283 and #55848, we should investigate a proper solution without
# b
- Revert r313616 (When we have a blocking SSL socket, respect the timeout
option, scottmac)
# This caused bug #55283 and #55848, we should investigate a proper solution without
# breaking anything.
show more ...
|
|
Revision tags: php-5.4.0beta1, yaf-2.1.0, php-5.3.8 |
|
| #
0d2a9219 |
| 22-Aug-2011 |
Johannes Schlüter |
- Revert r313616 (When we have a blocking SSL socket, respect the timeout
option, scottmac)
# This caused bug #55283, we should investigate a proper solution without
# breaking any
- Revert r313616 (When we have a blocking SSL socket, respect the timeout
option, scottmac)
# This caused bug #55283, we should investigate a proper solution without
# breaking anything.
show more ...
|
|
Revision tags: php-5.3.7, php-5.3.7RC5, php-5.4.0alpha3, php-5.3.7RC4 |
|
| #
04c2df66 |
| 23-Jul-2011 |
Scott MacVicar |
When we have a blocking SSL socket, respect the timeout option.
reading from SSL sockets could block indefinitely due to the lack
of timeout
|
| #
ebbb2b1d |
| 23-Jul-2011 |
Scott MacVicar |
When we have a blocking SSL socket, respect the timeout option.
reading from SSL sockets could block indefinitely due to the lack
of timeout
|
| #
39988d12 |
| 23-Jul-2011 |
Scott MacVicar |
When we have a blocking SSL socket, respect the timeout option.
reading from SSL sockets could block indefinitely due to the lack
of timeout
|
|
Revision tags: php-5.3.7RC3, php-5.4.0alpha2, php-5.3.7RC2, php-5.4.0alpha1, php-5.3.7RC1 |
|
| #
ddd88ff9 |
| 10-Jun-2011 |
Felipe Pena |
- Fixed bug #55028 (// is abad comment)
|
| #
15f5dd5c |
| 10-Jun-2011 |
Felipe Pena |
- Fixed bug #55028 (// is abad comment)
|
| #
0e37aa14 |
| 10-Jun-2011 |
Felipe Pena |
- Fixed bug #55028 (// is abad comment)
|
| #
cd7681d2 |
| 08-Jun-2011 |
Gustavo André dos Santos Lopes |
- Fixed bug #54992: Stream not closed and error not returned when SSL CN_match
fails.
|
| #
c27079d9 |
| 08-Jun-2011 |
Gustavo André dos Santos Lopes |
- Fixed bug #54992: Stream not closed and error not returned when SSL CN_match
fails.
|
| #
2b72c6e7 |
| 08-Jun-2011 |
Gustavo André dos Santos Lopes |
- Fixed bug #54992: Stream not closed and error not returned when SSL CN_match
fails.
|
