Kurt Roeckx [Thu, 16 Oct 2014 17:53:23 +0000 (19:53 +0200)]
Update all v4 keys to have the full fingerprint again.
Mark J. Cox [Thu, 16 Oct 2014 11:30:28 +0000 (12:30 +0100)]
Merge branch 'master' of openssl.net:openssl-web
Mark J. Cox [Thu, 16 Oct 2014 11:29:12 +0000 (12:29 +0100)]
Update stylesheet so we don't have ugly CVE- when we have something without a CVE
Rich Salz [Thu, 16 Oct 2014 04:41:47 +0000 (00:41 -0400)]
update to roadmap; tweaked mirror information
14-oct-2014 update to roadmap:
audit timetable and TLS1.3/CT added to features
said not interested in any more mirrors
pruned mirror list to only those that worked in a quick test
Mark J. Cox [Wed, 15 Oct 2014 19:26:59 +0000 (20:26 +0100)]
Fix bad commit
Tim Hudson [Wed, 15 Oct 2014 14:40:16 +0000 (00:40 +1000)]
include allocated CVE
Mark J. Cox [Wed, 15 Oct 2014 14:32:29 +0000 (15:32 +0100)]
Session tickets checks were not in earlier 0.9.8, remove them from
affected list.
Mark J. Cox [Wed, 15 Oct 2014 14:07:59 +0000 (15:07 +0100)]
Remove dupe CVE
Mark J. Cox [Wed, 15 Oct 2014 14:00:20 +0000 (15:00 +0100)]
xsltproc vulnerabilities.xsl vulnerabilities.xml > vulnerabilities.wml
Matt Caswell [Wed, 15 Oct 2014 13:46:58 +0000 (14:46 +0100)]
Update to vulnerabilities.xml
Matt Caswell [Wed, 15 Oct 2014 13:29:06 +0000 (14:29 +0100)]
Add security advisory
Matt Caswell [Wed, 15 Oct 2014 13:22:27 +0000 (14:22 +0100)]
Updates to newsflash.txt
Lutz Jaenicke [Mon, 13 Oct 2014 09:47:13 +0000 (11:47 +0200)]
Update Lutz's PGP key info
Richard Levitte [Mon, 13 Oct 2014 09:30:02 +0000 (11:30 +0200)]
Update my PGP data
Bodo Moeller [Mon, 13 Oct 2014 08:52:05 +0000 (10:52 +0200)]
Update location for Bodo.
Tim Hudson [Mon, 13 Oct 2014 07:44:33 +0000 (17:44 +1000)]
note Richard returning to active status
Steve Marquess [Wed, 8 Oct 2014 16:31:56 +0000 (12:31 -0400)]
Added Linux Foundation acknowledgment
Matt Caswell [Thu, 25 Sep 2014 20:43:30 +0000 (21:43 +0100)]
Updates for 1.0.2 beta 3
Rich Salz [Thu, 25 Sep 2014 18:36:14 +0000 (14:36 -0400)]
Add html anchors for platform,release strategy
This is so that I can post a link when I send email to
openssl-dev/users about removing platforms :)
Rich Salz [Wed, 10 Sep 2014 17:56:23 +0000 (13:56 -0400)]
Update release info as noted by Jakob Bohm.
Rich Salz [Tue, 9 Sep 2014 17:10:58 +0000 (13:10 -0400)]
RT2982: Update to use 1.0.1e
The fix in 1.0.1d wasn't complete, so add a note saying
to use 1.0.1e or later.
Matt Caswell [Mon, 8 Sep 2014 22:39:26 +0000 (23:39 +0100)]
Removed duplicate "last updated" message
Rich Salz [Mon, 8 Sep 2014 19:15:28 +0000 (15:15 -0400)]
Add update on RT backlog objective.
Also added text file and an activity graph.
Matt Caswell [Sun, 7 Sep 2014 20:35:08 +0000 (21:35 +0100)]
Minor tweak to wml for security strategy strike through
Matt Caswell [Sun, 7 Sep 2014 20:28:26 +0000 (21:28 +0100)]
Updated roadmap with security policy info
Matt Caswell [Sun, 7 Sep 2014 20:19:58 +0000 (21:19 +0100)]
Published Security Policy
Matt Caswell [Fri, 8 Aug 2014 18:25:22 +0000 (19:25 +0100)]
Fixed vulnerabilities database to clarify that CVE-2014-3505 is only
vulnerable from 0.9.8m onwards.
Also CVE-2014-3507 is only vulnerable from 0.9.8o onwards and 1.0.0a onwards.
Mark J. Cox [Thu, 7 Aug 2014 14:51:15 +0000 (15:51 +0100)]
wml wasn't regenerated from xml
Matt Caswell [Wed, 6 Aug 2014 21:53:29 +0000 (22:53 +0100)]
Updates for new releases
Rich Salz [Tue, 5 Aug 2014 01:01:13 +0000 (21:01 -0400)]
Add openssl-testing pointer
Tim Hudson [Fri, 25 Jul 2014 23:17:40 +0000 (09:17 +1000)]
a test blank line to see if email issue is fixed
Tim Hudson [Thu, 24 Jul 2014 22:02:44 +0000 (08:02 +1000)]
remove references to long defunct email address for Eric
tone down the references to SSLeay
remove initials from references to Eric and Tim
Matt Caswell [Tue, 22 Jul 2014 20:46:28 +0000 (21:46 +0100)]
Added Beta 2 release to newsflash
Tim Hudson [Sat, 19 Jul 2014 06:26:30 +0000 (16:26 +1000)]
adjust incorrect link
Tim Hudson [Wed, 16 Jul 2014 22:32:16 +0000 (08:32 +1000)]
correct <80><99> as apostrophe from cut-n-paste
Tim Hudson [Wed, 16 Jul 2014 22:25:20 +0000 (08:25 +1000)]
keep prior wording and note objective met as the style for updates
Tim Hudson [Wed, 16 Jul 2014 21:05:32 +0000 (07:05 +1000)]
update code review section
Rich Salz [Wed, 2 Jul 2014 10:51:51 +0000 (06:51 -0400)]
Merge branch 'master' of git.openssl.org:openssl-web
Rich Salz [Wed, 2 Jul 2014 10:51:30 +0000 (06:51 -0400)]
Add roadmap item
Matt Caswell [Tue, 1 Jul 2014 22:46:21 +0000 (23:46 +0100)]
Minor modification to explain what RT is for those that don't know
Matt Caswell [Mon, 30 Jun 2014 22:24:36 +0000 (23:24 +0100)]
Added Roadmap
Matt Caswell [Mon, 30 Jun 2014 19:37:58 +0000 (20:37 +0100)]
Removed sentence saying that we do not have any sustainable subsidies from commercial sponsors
Steve Marquess [Mon, 30 Jun 2014 13:19:45 +0000 (09:19 -0400)]
Add new PSW logo
Steve Marquess [Mon, 30 Jun 2014 12:10:17 +0000 (08:10 -0400)]
Change case of sponsor name per sponsor request
Dr. Stephen Henson [Fri, 27 Jun 2014 18:05:37 +0000 (19:05 +0100)]
Manually build news/index.html
Rich Salz [Thu, 26 Jun 2014 02:12:49 +0000 (22:12 -0400)]
Add full key fingerprint for rsalz; add linebreaks for readability.
Kurt Roeckx [Wed, 25 Jun 2014 20:25:54 +0000 (22:25 +0200)]
Use full fingerprint for v4 keys and long id for v3 keys
The short id (32 bit) shouldn't be used since it's trivial to
generate a duplicate, even the long id (64 bit) is easy and
should be avoided but v3 keys can only be used with the long
key and not the fingerprint.
Rich Salz [Tue, 24 Jun 2014 11:21:44 +0000 (07:21 -0400)]
Drop the "why buy ..." squib.
Mark J. Cox [Tue, 24 Jun 2014 09:45:11 +0000 (10:45 +0100)]
Unfortunately newsflashes are limited by characters so we can't go into
full detail of all the new names in the dev team and core change
Kurt Roeckx [Mon, 23 Jun 2014 19:43:31 +0000 (21:43 +0200)]
Generate vulnerabilities.wml in UTF-8 instead of latin1
Also update the vulnerabilities.wml file.
Geoff Thorpe [Mon, 23 Jun 2014 18:55:07 +0000 (14:55 -0400)]
Make CVS-2014-0195 show up.
Kurt Roeckx [Sat, 21 Jun 2014 22:04:40 +0000 (00:04 +0200)]
Convert file from latin1 to UTF-8
The headers on the website say it's UTF-8, so it got rendered wrong.
Dr. Stephen Henson [Sat, 21 Jun 2014 13:45:22 +0000 (14:45 +0100)]
Fix alphabetical order.
Dr. Stephen Henson [Sat, 21 Jun 2014 13:42:11 +0000 (14:42 +0100)]
Typo.
Steve Marquess [Sat, 21 Jun 2014 13:36:42 +0000 (09:36 -0400)]
Add Kurt Roeckx
Steve Marquess [Fri, 20 Jun 2014 17:56:47 +0000 (13:56 -0400)]
Add Rich Salz
Steve Marquess [Thu, 19 Jun 2014 17:21:11 +0000 (13:21 -0400)]
Added Emilia Kasper
Tim Hudson [Thu, 19 Jun 2014 16:55:12 +0000 (02:55 +1000)]
also remove subedit historical SSLeay reference
Tim Hudson [Thu, 19 Jun 2014 15:45:02 +0000 (01:45 +1000)]
update all related items removing any item for which the links no longer work
remove historical references to SSLeay
Geoff Thorpe [Mon, 16 Jun 2014 14:34:08 +0000 (10:34 -0400)]
I've been activated.
Dr. Stephen Henson [Sun, 15 Jun 2014 12:52:13 +0000 (13:52 +0100)]
update status
Steve Marquess [Thu, 12 Jun 2014 12:03:47 +0000 (08:03 -0400)]
Update team list for Andy, Tim, Viktor
Matt Caswell [Fri, 6 Jun 2014 22:39:25 +0000 (23:39 +0100)]
Fixed missing references to 0.9.8e
Dr. Stephen Henson [Fri, 6 Jun 2014 13:12:36 +0000 (14:12 +0100)]
Change news title too.
Dr. Stephen Henson [Fri, 6 Jun 2014 13:09:09 +0000 (14:09 +0100)]
Change News to release notes.
Mark J. Cox [Fri, 6 Jun 2014 12:00:21 +0000 (13:00 +0100)]
Note the 0076 fix in 0.9.8za
Mark J. Cox [Fri, 6 Jun 2014 11:57:24 +0000 (12:57 +0100)]
Remember this is useless
Mark J. Cox [Fri, 6 Jun 2014 11:54:34 +0000 (12:54 +0100)]
Regenerate by date
Mark J. Cox [Fri, 6 Jun 2014 11:54:24 +0000 (12:54 +0100)]
Sort by date not CVE name within a year
Steve Marquess [Thu, 5 Jun 2014 13:39:14 +0000 (09:39 -0400)]
Rearrange sponsor logos
Mark J. Cox [Thu, 5 Jun 2014 11:34:47 +0000 (12:34 +0100)]
Add flaws to vulnerabilities.xml
Dr. Stephen Henson [Thu, 5 Jun 2014 10:04:15 +0000 (11:04 +0100)]
Update newsflash.
Dr. Stephen Henson [Thu, 5 Jun 2014 10:00:04 +0000 (11:00 +0100)]
Add security advisory.
Steve Marquess [Fri, 30 May 2014 10:38:18 +0000 (06:38 -0400)]
Changed Smartisan logo per their request
Steve Marquess [Thu, 29 May 2014 16:45:30 +0000 (12:45 -0400)]
Add Milton Security Group as new sponsor.
Steve Marquess [Tue, 27 May 2014 16:22:16 +0000 (12:22 -0400)]
Add Smartisan and Huawei acknowledgments
Steve Marquess [Tue, 13 May 2014 12:22:24 +0000 (08:22 -0400)]
Add Globalsign logo
Geoff Thorpe [Wed, 7 May 2014 00:59:25 +0000 (20:59 -0400)]
web: add Geoff's key-id
Signed-off-by: Geoff Thorpe <geoff@openssl.org>
Steve Marquess [Fri, 2 May 2014 18:32:56 +0000 (14:32 -0400)]
New Opengear logo
Mark J. Cox [Fri, 2 May 2014 11:42:09 +0000 (12:42 +0100)]
Merge branch 'master' of openssl.net:openssl-web
Mark J. Cox [Thu, 1 May 2014 17:51:19 +0000 (18:51 +0100)]
Update with the missing CVEs and advisories
Dr. Stephen Henson [Thu, 1 May 2014 17:26:32 +0000 (18:26 +0100)]
Typo.
Mark J. Cox [Thu, 1 May 2014 10:06:28 +0000 (11:06 +0100)]
Remove Contribution link, it's now under Source (since it's rarely updated)
Add Security link, how to report, discover vulns, and the database of CVE
Mark J. Cox [Thu, 1 May 2014 10:01:49 +0000 (11:01 +0100)]
Link to contrib from source so we can remove from master navbar
Mark J. Cox [Wed, 30 Apr 2014 20:16:50 +0000 (21:16 +0100)]
Add images for a "security" tab on the navbar (but don't enable it on
the site yet), will just point to the news/vulnerabilities page
Mark J. Cox [Wed, 30 Apr 2014 20:02:22 +0000 (21:02 +0100)]
Make the vulnerability db into more of a useful security catch all page
(at the moment the FAQ lists the contact methods, nowhere lists what
versions are EOL). We'll then use a dedicated tab for this page.
Steve Marquess [Wed, 30 Apr 2014 12:13:17 +0000 (08:13 -0400)]
Add Nokia acknowledgment
Mark J. Cox [Tue, 29 Apr 2014 07:50:14 +0000 (08:50 +0100)]
Missing tag (Hard to test these changes locally)
Mark J. Cox [Tue, 29 Apr 2014 07:46:35 +0000 (08:46 +0100)]
Add key id to first table too otherwise it's confusing that you have to
cross-reference people into the 2nd table
Mark J. Cox [Tue, 29 Apr 2014 07:44:48 +0000 (08:44 +0100)]
Use @openssl.org addresses for team members now available
Matt Caswell [Fri, 25 Apr 2014 23:36:05 +0000 (00:36 +0100)]
Added Matt Caswell to about page
Andy Polyakov [Thu, 24 Apr 2014 22:04:19 +0000 (00:04 +0200)]
Typo in appro's link to key server.
Andy Polyakov [Thu, 24 Apr 2014 21:52:57 +0000 (23:52 +0200)]
Add appro@openssl.org's GPG key
Steve Marquess [Thu, 24 Apr 2014 12:03:28 +0000 (08:03 -0400)]
Add GPG key for SteveM
Dr. Stephen Henson [Thu, 24 Apr 2014 11:56:18 +0000 (12:56 +0100)]
Delete obsolete announcement file.
Mark J. Cox [Wed, 23 Apr 2014 14:16:02 +0000 (15:16 +0100)]
Remove extra email address on Emeritae table
Mark J. Cox [Wed, 23 Apr 2014 14:14:16 +0000 (15:14 +0100)]
Missed an extra underline header and bad spacing on one table
Mark J. Cox [Wed, 23 Apr 2014 14:12:34 +0000 (15:12 +0100)]
Shorter newsflash makes home page look nicer
Mark J. Cox [Wed, 23 Apr 2014 14:04:39 +0000 (15:04 +0100)]
Update team members page and add Steve Marquess
Dr. Stephen Henson [Tue, 22 Apr 2014 02:20:31 +0000 (03:20 +0100)]
fix broken link
projects / openssl-web.git / log