summaryrefslogtreecommitdiff
path: root/src/libstrongswan
AgeCommit message (Collapse)Author
2021-11-24Reject RSASSA-PSS params with negative salt lengthHEADcurrentTobias Brunner
The `salt_len` member in the struct is of type `ssize_t` because we use negative values for special automatic salt lengths when generating signatures. Not checking this could lead to an integer overflow. The value is assigned to the `len` field of a chunk (`size_t`), which is further used in calculations to check the padding structure and (if that is passed by a matching crafted signature value) eventually a memcpy() that will result in a segmentation fault. Fixes: a22316520b91 ("signature-params: Add functions to parse/build ASN.1 RSASSA-PSS params") Fixes: 7d6b81648b2d ("gmp: Add support for RSASSA-PSS signature verification") Fixes: CVE-2021-41990 Signed-off-by: Daniil Baturin <daniil@baturin.org>
2019-01-02New upstream version 5.7.2Yves-Alexis Perez
2018-10-01New upstream version 5.7.1Yves-Alexis Perez
2018-09-24New upstream version 5.7.0Yves-Alexis Perez
2018-06-04New upstream version 5.6.3Yves-Alexis Perez
2018-02-19New upstream version 5.6.2Yves-Alexis Perez
2017-11-21New upstream version 5.6.1Yves-Alexis Perez
2017-09-01New upstream version 5.6.0Yves-Alexis Perez
2017-05-30New upstream version 5.5.3Yves-Alexis Perez
2017-04-01New upstream version 5.5.2Yves-Alexis Perez
2016-10-20New upstream version 5.5.1Yves-Alexis Perez
2016-07-16Imported Upstream version 5.5.0Yves-Alexis Perez
2016-03-24Imported Upstream version 5.4.0Yves-Alexis Perez
2015-11-26Imported Upstream version 5.3.5Yves-Alexis Perez
2015-11-18Imported Upstream version 5.3.4Yves-Alexis Perez
2015-10-22Imported Upstream version 5.3.3Yves-Alexis Perez
2015-06-08Imported Upstream version 5.3.2Yves-Alexis Perez
2015-06-01Imported Upstream version 5.3.1Yves-Alexis Perez
2015-04-11Imported Upstream version 5.3.0Yves-Alexis Perez
2014-10-21Import upstream release 5.2.1Romain Francoise
2014-07-11Imported Upstream version 5.2.0Yves-Alexis Perez
2014-04-15Import upstream version 5.1.3Romain Francoise
2014-03-11Imported Upstream version 5.1.2Yves-Alexis Perez
2013-11-01Imported Upstream version 5.1.1Yves-Alexis Perez
2013-08-25Imported Upstream version 5.1.0Yves-Alexis Perez
2013-04-30Imported Upstream version 5.0.4Yves-Alexis Perez
2013-04-26Imported Upstream version 5.0.3Yves-Alexis Perez
2013-02-07Imported Upstream version 5.0.2Yves-Alexis Perez
2013-01-02Imported Upstream version 5.0.1Yves-Alexis Perez
2012-06-28Imported Upstream version 4.6.4Yves-Alexis Perez
2011-05-19Imported Upstream version 4.5.2René Mayrhofer
2011-03-05Imported Upstream version 4.5.1René Mayrhofer
2010-11-28[svn-upgrade] new version strongswan (4.5.0)Rene Mayrhofer
2010-08-09[svn-upgrade] new version strongswan (4.4.1)Rene Mayrhofer
2010-05-25[svn-upgrade] Integrating new upstream version, strongswan (4.4.0)Rene Mayrhofer
2010-02-23[svn-upgrade] Integrating new upstream version, strongswan (4.3.6)Rene Mayrhofer
2009-10-21[svn-upgrade] Integrating new upstream version, strongswan (4.3.4)Rene Mayrhofer
2009-06-23[svn-upgrade] Integrating new upstream version, strongswan (4.3.2)Rene Mayrhofer
2009-04-01[svn-upgrade] Integrating new upstream version, strongswan (4.2.14)Rene Mayrhofer
2009-03-22[svn-upgrade] Integrating new upstream version, strongswan (4.2.13)Rene Mayrhofer
2009-02-28[svn-upgrade] Integrating new upstream version, strongswan (4.2.12)Rene Mayrhofer
2008-12-05[svn-upgrade] Integrating new upstream version, strongswan (4.2.9)Rene Mayrhofer
2008-10-29[svn-upgrade] Integrating new upstream version, strongswan (4.2.8)Rene Mayrhofer
2008-07-09[svn-upgrade] Integrating new upstream version, strongswan (4.2.4)Rene Mayrhofer
2008-03-30[svn-upgrade] Integrating new upstream version, strongswan (4.1.11)Rene Mayrhofer
2008-02-07[svn-upgrade] Integrating new upstream version, strongswan (4.1.10)Rene Mayrhofer
2007-10-26[svn-upgrade] Integrating new upstream version, strongswan (4.1.8)Rene Mayrhofer
2007-07-04[svn-upgrade] Integrating new upstream version, strongswan (4.1.4)Rene Mayrhofer
2007-06-03[svn-upgrade] Integrating new upstream version, strongswan (4.1.3)Rene Mayrhofer
2007-04-12[svn-upgrade] Integrating new upstream version, strongswan (4.1.1)Rene Mayrhofer
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-02 21:22:26 +0000