openssl-web.git
15 hours agoby laws: remove the necessity for the OMC to invite committers and OTC members. master
Pauli [Fri, 6 Nov 2020 12:52:00 +0000 (22:52 +1000)]
by laws: remove the necessity for the OMC to invite committers and OTC members.

It would be better if these invitations come from the OTC which does the
nominations.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Mark J. Cox <mark@awe.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/207)

12 days agopolicies/sidebar: add link to OpenSSL Technical Policies
Dr. Matthias St. Pierre [Thu, 1 Oct 2020 16:13:22 +0000 (18:13 +0200)]
policies/sidebar: add link to OpenSSL Technical Policies

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/199)

12 days agoMerge SHA2 entries in FIPS table
Pauli [Wed, 4 Nov 2020 23:54:17 +0000 (09:54 +1000)]
Merge SHA2 entries in FIPS table

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/205)

12 days ago3.0 design: remove the SP 800-90 entropy testing entry.
Pauli [Wed, 4 Nov 2020 23:30:22 +0000 (09:30 +1000)]
3.0 design: remove the SP 800-90 entropy testing entry.

Due to rules changes, this will not be happening.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/205)

12 days ago3.0 design: remove the compliance column.
Pauli [Wed, 4 Nov 2020 23:29:45 +0000 (09:29 +1000)]
3.0 design: remove the compliance column.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/205)

2 weeks agoUpdate newsflash for alpha 8 release
Matt Caswell [Thu, 5 Nov 2020 14:18:34 +0000 (14:18 +0000)]
Update newsflash for alpha 8 release

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/206)

2 weeks agoRemove the TLS fixes items for CBC and key agreement.
Pauli [Wed, 4 Nov 2020 00:50:24 +0000 (10:50 +1000)]
Remove the TLS fixes items for CBC and key agreement.

Both of these have been completed and are no longer relevant FIPS related
work.  Neither is a FIPS algorithm in of itself.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/204)

2 weeks agoUpdate FIPS algorithm list to indicate compliance.
Pauli [Wed, 4 Nov 2020 00:49:25 +0000 (10:49 +1000)]
Update FIPS algorithm list to indicate compliance.

The algorithms are now compliant, indicate this in the table.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/204)

2 weeks agoUpdate FIPS algorithm list.
Pauli [Wed, 4 Nov 2020 00:43:21 +0000 (10:43 +1000)]
Update FIPS algorithm list.

Some additional algorithms have been added to the FIPS validation.  Reflect this
in the appendix.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/204)

4 weeks agoAdd link to blog post about alpha7
Matt Caswell [Wed, 21 Oct 2020 10:49:29 +0000 (11:49 +0100)]
Add link to blog post about alpha7

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/web/pull/203)

5 weeks agoUpdate newsflash for alpha7 release
Matt Caswell [Thu, 15 Oct 2020 13:23:01 +0000 (14:23 +0100)]
Update newsflash for alpha7 release

Reviewed-by: Mark J. Cox <mark@awe.com>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/202)

6 weeks agoAdd Siemens to the list of companies that support the project by donating employee...
Pauli [Thu, 8 Oct 2020 21:52:12 +0000 (07:52 +1000)]
Add Siemens to the list of companies that support the project by donating employee time.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/200)

7 weeks agootc-policies: Add 'Voting Procedure' section
Dr. Matthias St. Pierre [Tue, 29 Sep 2020 20:56:43 +0000 (22:56 +0200)]
otc-policies: Add 'Voting Procedure' section

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/198)

7 weeks agootc-policies: Add an 'OpenSSL Technical Polices' page
Dr. Matthias St. Pierre [Tue, 29 Sep 2020 20:46:41 +0000 (22:46 +0200)]
otc-policies: Add an 'OpenSSL Technical Polices' page

This document lists the technical policies and procedures established
by the OTC based on the project bylaws and the requirements specified
by the OMC.

8 weeks agoUpdate the Release schedule in the release strategy
Matt Caswell [Tue, 16 Jun 2020 09:33:46 +0000 (10:33 +0100)]
Update the Release schedule in the release strategy

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/web/pull/184)

8 weeks agoCLA page clarifications
Matt Caswell [Wed, 10 Jun 2020 08:18:01 +0000 (09:18 +0100)]
CLA page clarifications

Fix a typo and clarify we require CLAs from all original authors.

Reviewed-by: Mark J. Cox <mark@awe.com>
(Merged from https://github.com/openssl/web/pull/183)

8 weeks agoAdd a new section to the Coding Style about argument ordering
Matt Caswell [Mon, 14 Sep 2020 10:26:49 +0000 (11:26 +0100)]
Add a new section to the Coding Style about argument ordering

We also add a section about how to extend existing functions.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/195)

2 months agoUpdates for the 1.1.1h release
Matt Caswell [Tue, 22 Sep 2020 13:05:56 +0000 (14:05 +0100)]
Updates for the 1.1.1h release

Reviewed-by: Mark J. Cox <mark@awe.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/web/pull/196)

2 months agoAdd Racoon advisory, vulnerability db entry, and newsflash pointing to the advisory
Mark J. Cox [Wed, 9 Sep 2020 11:59:40 +0000 (12:59 +0100)]
Add Racoon advisory, vulnerability db entry, and newsflash pointing to the advisory

2 months agoPublish project admin blog post
Matt Caswell [Sat, 5 Sep 2020 09:09:25 +0000 (10:09 +0100)]
Publish project admin blog post

Reviewed-by: Mark J. Cox <mark@awe.com>
(Merged from https://github.com/openssl/web/pull/192)

3 months agoAdd beslist.nl to the sponsor list for the bronze equivalent github level. Remove
Mark J. Cox [Sun, 16 Aug 2020 07:23:38 +0000 (08:23 +0100)]
Add beslist.nl to the sponsor list for the bronze equivalent github level.  Remove
the list of past sponsors, this would be better served perhaps as a yearly blog
post giving details of the health of the project.

3 months agoUpdate newsflash.txt for the alpha6 release
Matt Caswell [Thu, 6 Aug 2020 13:18:45 +0000 (14:18 +0100)]
Update newsflash.txt for the alpha6 release

Reviewed-by: Mark J. Cox <mark@awe.com>
(Merged from https://github.com/openssl/web/pull/190)

4 months agoAdd note about Alpha 5 in newsflash.txt
Richard Levitte [Thu, 16 Jul 2020 13:39:04 +0000 (15:39 +0200)]
Add note about Alpha 5 in newsflash.txt

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/web/pull/189)

4 months agoAdd Alpha4 blog post link
Matt Caswell [Tue, 30 Jun 2020 11:54:10 +0000 (12:54 +0100)]
Add Alpha4 blog post link

Reviewed-by: Mark J. Cox <mark@awe.com>
(Merged from https://github.com/openssl/web/pull/188)

4 months agoAdd note about Alpha 4 in newsflash.txt
Matt Caswell [Thu, 25 Jun 2020 14:05:37 +0000 (15:05 +0100)]
Add note about Alpha 4 in newsflash.txt

Reviewed-by: Mark J. Cox <mark@awe.com>
(Merged from https://github.com/openssl/web/pull/186)

5 months agoUpdates for Alpha 3 release
Matt Caswell [Thu, 4 Jun 2020 14:14:20 +0000 (15:14 +0100)]
Updates for Alpha 3 release

Reviewed-by: Mark J. Cox <mark@awe.com>
(Merged from https://github.com/openssl/web/pull/180)

5 months agoMerge pull request #171 from t8m/master
Mark J. Cox [Thu, 4 Jun 2020 08:29:20 +0000 (09:29 +0100)]
Merge pull request #171 from t8m/master

Mention the CLA: trivial marker

5 months agoMerge pull request #165 from iamamoose/nostandards
Mark J. Cox [Thu, 4 Jun 2020 08:27:32 +0000 (09:27 +0100)]
Merge pull request #165 from iamamoose/nostandards

Remove the docs/standards.html page

5 months agoMerge pull request #179 from iamamoose/sponsors
Mark J. Cox [Thu, 4 Jun 2020 08:22:17 +0000 (09:22 +0100)]
Merge pull request #179 from iamamoose/sponsors

Add a link to our GitHub sponsors page

5 months agoClosing tag
Mark J. Cox [Thu, 4 Jun 2020 07:01:11 +0000 (08:01 +0100)]
Closing tag

5 months agoAdd a link to our GitHub sponsors page; we do need to rework all
Mark J. Cox [Thu, 4 Jun 2020 06:58:51 +0000 (07:58 +0100)]
Add a link to our GitHub sponsors page; we do need to rework all
these pages in the future so don't worry about the "and one more thing"
style for now.

5 months agoAdapt man-page making for OpenSSL master / 3.0
Richard Levitte [Thu, 23 Apr 2020 17:44:05 +0000 (19:44 +0200)]
Adapt man-page making for OpenSSL master / 3.0

We use OpenSSL's rendering instead of our own, and just lightly strip
the result to fit in our page layout.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/175)

5 months agoMention some blog posts in the newsflash file
Matt Caswell [Tue, 19 May 2020 07:40:11 +0000 (08:40 +0100)]
Mention some blog posts in the newsflash file

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/178)

6 months agoAdd some notes about 3.0 on the download page
Matt Caswell [Thu, 23 Apr 2020 15:22:08 +0000 (16:22 +0100)]
Add some notes about 3.0 on the download page

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/174)

6 months agoUpdate newsflash for alpha2 release
Matt Caswell [Fri, 15 May 2020 13:53:08 +0000 (14:53 +0100)]
Update newsflash for alpha2 release

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/177)

6 months agoUpdate policy to add to prenotifications as per OMC vote
Mark J. Cox [Tue, 12 May 2020 08:40:58 +0000 (09:40 +0100)]
Update policy to add to prenotifications as per OMC vote

7 months agoAdd a link to the Alpha 1 blog post
Matt Caswell [Thu, 23 Apr 2020 15:13:06 +0000 (16:13 +0100)]
Add a link to the Alpha 1 blog post

Reviewed-by: Mark J. Cox <mark@awe.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/173)

7 months agoUpdate newsflash for 3.0 alpha 1 release
Matt Caswell [Thu, 23 Apr 2020 13:30:29 +0000 (14:30 +0100)]
Update newsflash for 3.0 alpha 1 release

Reviewed-by: Richard Levitte <levitte@openssl.org>
7 months agoAdd a link to the Security Advisory into newsflash
Matt Caswell [Tue, 21 Apr 2020 14:25:49 +0000 (15:25 +0100)]
Add a link to the Security Advisory into newsflash

Reviewed-by: Mark J. Cox <mark@awe.com>
(Merged from https://github.com/openssl/web/pull/172)

7 months agoUpdates for 1.1.1g release
Matt Caswell [Tue, 21 Apr 2020 11:08:12 +0000 (12:08 +0100)]
Updates for 1.1.1g release

Reviewed-by: Richard Levitte <levitte@openssl.org>
7 months agoMention the CLA: trivial marker
Tomáš Mráz [Thu, 16 Apr 2020 10:22:26 +0000 (12:22 +0200)]
Mention the CLA: trivial marker

7 months agoDon't die if we only have one tarball
Matt Caswell [Sat, 11 Apr 2020 18:34:21 +0000 (19:34 +0100)]
Don't die if we only have one tarball

mk-latest incorrectly dies if there is only one tarball. The value of
$#tarballs is 0 if there is 1 tarball.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/web/pull/170)

7 months agoAdd FAQ entry for "server sends HTTP headers in a loop"
Benjamin Kaduk [Thu, 12 Mar 2020 20:48:19 +0000 (13:48 -0700)]
Add FAQ entry for "server sends HTTP headers in a loop"

Older versions of a few commercial HTTPS servers don't handle
extended-master-secret and/or encrypt-then-mac very well, but we end up
getting asked about this weird behavior that shows up when people
upgrade to OpenSSL 1.1.0 clients.

Text largely taken from the discussion at
https://github.com/openssl/openssl/issues/9360 .

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Mark J. Cox <mark@awe.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/157)

7 months agoUpdate newsflash.txt for new release
Matt Caswell [Tue, 31 Mar 2020 12:38:54 +0000 (13:38 +0100)]
Update newsflash.txt for new release

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/167)

7 months agoFix 'make relupd'
Richard Levitte [Tue, 31 Mar 2020 09:24:47 +0000 (11:24 +0200)]
Fix 'make relupd'

The release updating targets relied on the files CHANGES and NEWS.
With OpenSSL 3.0, those have changed name to CHANGES.md and NEWS.md,
so an adjustment is needed.

Experience shows that we get the best output with a 'commonmark'
pandoc reader, and a little bit of post processing the output.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/166)

8 months agoThe standards page is out of date and we don't want to maintain it
Mark J. Cox [Fri, 20 Mar 2020 14:19:56 +0000 (14:19 +0000)]
The standards page is out of date and we don't want to maintain it
going forward, so best to remove it
fixes #155 #106

8 months agoSimple fix for #159 if we can't open the schema tell the user how to work around...
Mark J. Cox [Fri, 20 Mar 2020 09:02:32 +0000 (09:02 +0000)]
Simple fix for #159 if we can't open the schema tell the user how to work around it.  We
actually need to do that because some older? Ubuntu systems were having problems with the
CA cert from github

8 months agoMitre have been stripping whitespace after commas on submitted entries, so let's
Mark J. Cox [Thu, 19 Mar 2020 14:43:19 +0000 (14:43 +0000)]
Mitre have been stripping whitespace after commas on submitted entries, so let's
do that by default.  But they are keeping the whitespace after :.

fixes #160

8 months agoUpdate security.txt to a clearsigned version with non-expired key matching the latest...
Mark J. Cox [Thu, 19 Mar 2020 14:21:28 +0000 (14:21 +0000)]
Update security.txt to a clearsigned version with non-expired key matching the latest draft-foudil-securitytxt-09
fixes #145

8 months agotypo
Mark J. Cox [Wed, 18 Mar 2020 11:03:03 +0000 (11:03 +0000)]
typo
fixes: #86

8 months agoUpdate website for new release
Matt Caswell [Tue, 17 Mar 2020 13:31:21 +0000 (13:31 +0000)]
Update website for new release

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/web/pull/158)

9 months agoAdd link to the QUIC blog post
Matt Caswell [Mon, 17 Feb 2020 12:22:56 +0000 (12:22 +0000)]
Add link to the QUIC blog post

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/web/pull/156)

10 months agoUpdate the Release Strategy for 3.0
Matt Caswell [Tue, 7 Jan 2020 16:47:23 +0000 (16:47 +0000)]
Update the Release Strategy for 3.0

Schedule some alpah and beta releases for 3.0

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/web/pull/154)

10 months agoUpdate the website to remove a number of 1.0.2 references
Matt Caswell [Mon, 6 Jan 2020 16:22:17 +0000 (16:22 +0000)]
Update the website to remove a number of 1.0.2 references

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/153)

10 months agoCreate an OTC page on the website
Matt Caswell [Fri, 3 Jan 2020 14:57:25 +0000 (14:57 +0000)]
Create an OTC page on the website

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/web/pull/152)

10 months agoUpdate policies for OTC changes
Matt Caswell [Thu, 21 Nov 2019 13:44:27 +0000 (13:44 +0000)]
Update policies for OTC changes

Update other policies as necessary to reflect the bylaws changes that
introduced the OTC concept.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/146)

10 months agoMerge pull request #148 from mattcaswell/remove-110-additional
Mark J. Cox [Fri, 3 Jan 2020 12:13:39 +0000 (12:13 +0000)]
Merge pull request #148 from mattcaswell/remove-110-additional

Remove an additional 1.1.0 reference

10 months agoMerge pull request #151 from iamamoose/eolstatements
Mark J. Cox [Fri, 3 Jan 2020 12:13:07 +0000 (12:13 +0000)]
Merge pull request #151 from iamamoose/eolstatements

Allow a default statement if our page is not for a specific base version

10 months agoAllow a default statement if our page is not for a specific base version
Mark J. Cox [Fri, 3 Jan 2020 11:48:09 +0000 (11:48 +0000)]
Allow a default statement if our page is not for a specific base version
also clean up the HTML we closed the p tag in the wrong place.  Add a
statement on all the versions out of support.

10 months agoMerge pull request #150 from iamamoose/eolstatements
Mark J. Cox [Fri, 3 Jan 2020 10:05:39 +0000 (10:05 +0000)]
Merge pull request #150 from iamamoose/eolstatements

Update the vulnerability XML to also include some statements about EOL

10 months agoUpdate the vulnerability XML to also include some statements about EOL versions
Mark J. Cox [Fri, 3 Jan 2020 09:50:43 +0000 (09:50 +0000)]
Update the vulnerability XML to also include some statements about EOL versions
that was we can make it clear on the vulnerability page when things are EOL

11 months agoUpdates for the 1.0.2u release
Matt Caswell [Fri, 20 Dec 2019 13:21:39 +0000 (13:21 +0000)]
Updates for the 1.0.2u release

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/web/pull/149)

11 months agoRemove an additional 1.1.0 reference
Matt Caswell [Tue, 17 Dec 2019 14:26:51 +0000 (14:26 +0000)]
Remove an additional 1.1.0 reference

We previously removed references to 1.1.0 as a current release. There is
one remaining spot that was missed, so we update that too.

11 months agoDrop 1.1.0 as a current release
Matt Caswell [Mon, 16 Dec 2019 11:39:44 +0000 (11:39 +0000)]
Drop 1.1.0 as a current release

Don't refer to 1.1.0 as a current release since it is no longer supported.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/147)

11 months agoUpdate the by-laws to introduce the OTC concept
Matt Caswell [Thu, 21 Nov 2019 13:44:10 +0000 (13:44 +0000)]
Update the by-laws to introduce the OTC concept

We split the responsibilities of the current OMC into two different
groups - the OMC and the OTC (OpenSSL Technical Committee). The OMC still
retains its overall management function but the OTC becomes responsible
for technical decision making.

PR reviews will then require approval from an OTC member instead of an
OMC member.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/143)

11 months agoUpdate newsflash for security advisory
Matt Caswell [Fri, 6 Dec 2019 14:33:26 +0000 (14:33 +0000)]
Update newsflash for security advisory

Reviewed-by: Mark J. Cox <mark@awe.com>
(Merged from https://github.com/openssl/web/pull/144)

11 months agoAdd security advisory for CVE-2019-1551
Matt Caswell [Fri, 6 Dec 2019 14:26:44 +0000 (14:26 +0000)]
Add security advisory for CVE-2019-1551

Reviewed-by: Mark J. Cox <mark@awe.com>
(Merged from https://github.com/openssl/web/pull/144)

11 months agoUpdate key's expiration date
Kurt Roeckx [Wed, 4 Dec 2019 18:09:01 +0000 (19:09 +0100)]
Update key's expiration date

12 months agoClarify the Premium support contract wording
Matt Caswell [Thu, 14 Nov 2019 10:50:53 +0000 (10:50 +0000)]
Clarify the Premium support contract wording

The current text is not correct.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/web/pull/141)

12 months agoMerge pull request #140 from iamamoose/sponsorship
Mark J. Cox [Mon, 11 Nov 2019 12:35:06 +0000 (12:35 +0000)]
Merge pull request #140 from iamamoose/sponsorship

Sync the OSF sponsorship page with the current sponsors

12 months agoBetter grammar for where the support goes
Mark J. Cox [Mon, 11 Nov 2019 12:13:54 +0000 (12:13 +0000)]
Better grammar for where the support goes

12 months agoUpdate the sponsorship page to be current with the list of OSF
Mark J. Cox [Mon, 11 Nov 2019 11:47:41 +0000 (11:47 +0000)]
Update the sponsorship page to be current with the list of OSF
sponsors.  Add a bronze level and the current sponsors at that level.
Add a link to the 'in kind' thanks page.

12 months agoAdd a link to the new blog post
Matt Caswell [Thu, 7 Nov 2019 16:39:27 +0000 (16:39 +0000)]
Add a link to the new blog post

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/139)

14 months ago.htaccess: force .sha256 files to application/binary
Richard Levitte [Wed, 11 Sep 2019 21:39:26 +0000 (23:39 +0200)]
.htaccess: force .sha256 files to application/binary

14 months agosource: Remove gz encoding on .gz.sha256 files
Richard Levitte [Wed, 11 Sep 2019 21:25:06 +0000 (23:25 +0200)]
source: Remove gz encoding on .gz.sha256 files

14 months agoFix typo in advisories
Matt Caswell [Tue, 10 Sep 2019 14:34:03 +0000 (15:34 +0100)]
Fix typo in advisories

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/137)

14 months agoWebsite updates for new releases
Matt Caswell [Tue, 10 Sep 2019 11:05:36 +0000 (12:05 +0100)]
Website updates for new releases

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/136)

15 months agoCorrect typo in security advisory
Matt Caswell [Wed, 31 Jul 2019 08:38:46 +0000 (09:38 +0100)]
Correct typo in security advisory

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/web/pull/135)

15 months agoCVE-2019-1552 security advisory
Richard Levitte [Tue, 30 Jul 2019 13:20:38 +0000 (15:20 +0200)]
CVE-2019-1552 security advisory

Reviewed-by: Mark J. Cox <mark@awe.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/134)

16 months agoInclude description of a trivial commit.
Pauli [Sun, 7 Jul 2019 21:47:18 +0000 (07:47 +1000)]
Include description of a trivial commit.

Trivial submissions are mentioned but not defined.

16 months agoWhen producing HTML man-pages, include the original base name
Richard Levitte [Sat, 22 Jun 2019 07:44:24 +0000 (09:44 +0200)]
When producing HTML man-pages, include the original base name

For OpenSSL 1.1.0 and on, this isn't relevant any more, since all pod
names should be one of the names in the NAME section.  However, 1.0.2
pages were written differently, and people still refer to the original
base name to look up documentation.

Fixes openssl/openssl#9189

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/132)

17 months agoUpdate the copyright date in the licence file
Matt Caswell [Wed, 5 Jun 2019 16:28:17 +0000 (17:28 +0100)]
Update the copyright date in the licence file

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/131)

17 months agoUpdates for releases 1.0.2s, 1.1.0k and 1.1.1c
Richard Levitte [Tue, 28 May 2019 13:39:56 +0000 (15:39 +0200)]
Updates for releases 1.0.2s, 1.1.0k and 1.1.1c

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/129)

18 months agoUpdate security policy
Kurt Roeckx [Sat, 8 Dec 2018 19:12:01 +0000 (20:12 +0100)]
Update security policy

18 months agoDiscussed at the OMC face to face that we should make it clear what things we conside...
Mark J. Cox [Thu, 29 Nov 2018 15:27:27 +0000 (15:27 +0000)]
Discussed at the OMC face to face that we should make it clear what things we consider in and out of scope of being OpenSSL vulnerabilities and therefore what we will assign a CVE for

18 months agoUpdate of 3.0.0 design: addition of a provider context
Richard Levitte [Mon, 6 May 2019 07:56:19 +0000 (09:56 +0200)]
Update of 3.0.0 design: addition of a provider context

This changes gives providers the opportunity to create a context for
the execution of the operations and algorithms it provides.

The idea is that OSSL_provider_init() will create that context, and
the teardown function will destroy it, and libcrypto is simply
responsible for saving away the pointer to the context and pass it
down to appropriate provider side functions (typically the
constructors of operation specific contexts).

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/128)

20 months agoOpenSSL300Design: fix two broken links
Dr. Matthias St. Pierre [Thu, 14 Mar 2019 23:58:43 +0000 (00:58 +0100)]
OpenSSL300Design: fix two broken links

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/126)

20 months agoOpenSSL300Design: lighten watermark
Dr. Matthias St. Pierre [Fri, 15 Mar 2019 00:25:06 +0000 (01:25 +0100)]
OpenSSL300Design: lighten watermark

The strong DRAFT watermark is very distracting while reading and makes
the eyes loose the current reading position while scrolling.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/web/pull/127)

20 months agoWebsite updates for CVE-2019-1543
Matt Caswell [Wed, 6 Mar 2019 15:12:07 +0000 (15:12 +0000)]
Website updates for CVE-2019-1543

Reviewed-by: Mark J. Cox <mark@awe.com>
(Merged from https://github.com/openssl/web/pull/125)

20 months agoDon't try to hide section numbers / links in manpages
Richard Levitte [Fri, 1 Mar 2019 09:11:51 +0000 (10:11 +0100)]
Don't try to hide section numbers / links in manpages

In previous times, we produced manpages in apps/, crypto/ and ssl/,
and having to deal with links containing '/man{n}/' was only tedious,
so we simply removed the section numbers from the L<> POD codes.

Now that we've switched to regular manpage layout, removing the
section numbers is not necessary any more, and also leads to incorrect
links when the L<> code refers to pages in a different man section.

Issue was reported on
[openssl-users](https://marc.info/?l=openssl-users&m=155138532927266&w=2).
Thank you Paul Smith

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/124)

20 months agobin/mk-manpages: allow slashes in names
Richard Levitte [Thu, 28 Feb 2019 14:54:12 +0000 (15:54 +0100)]
bin/mk-manpages: allow slashes in names

The names in the NAME section may describe headers, which contain a slash
for OpenSSL headers.  We deal with that by converting slashes to dashes
for the file names.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/123)

20 months agoAdd commentary in the Makefile to explain what is going on
Richard Levitte [Mon, 25 Feb 2019 21:08:15 +0000 (22:08 +0100)]
Add commentary in the Makefile to explain what is going on

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/120)

20 months agoChange news/openssl-notes.html.in to use Template Toolkit
Richard Levitte [Mon, 25 Feb 2019 00:14:46 +0000 (01:14 +0100)]
Change news/openssl-notes.html.in to use Template Toolkit

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/120)

20 months agoClean up .gitignore
Richard Levitte [Mon, 25 Feb 2019 00:00:36 +0000 (01:00 +0100)]
Clean up .gitignore

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/120)

20 months agoRemove redundancy: generate vulnerabilities indexes from templates
Richard Levitte [Sun, 24 Feb 2019 23:56:11 +0000 (00:56 +0100)]
Remove redundancy: generate vulnerabilities indexes from templates

Adapt Makefile accordingly

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/120)

20 months agoRemove redundancy: generate source indexes from templates
Richard Levitte [Sun, 24 Feb 2019 23:36:14 +0000 (00:36 +0100)]
Remove redundancy: generate source indexes from templates

Adapt Makefile accordingly

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/120)

20 months agoRemove redundancy: remove the manpage dir cleanup from bin/mk-manpages
Richard Levitte [Sun, 24 Feb 2019 22:14:14 +0000 (23:14 +0100)]
Remove redundancy: remove the manpage dir cleanup from bin/mk-manpages

Let the Makefile take care of it instead

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/120)

20 months agoRemove redundancy: generate docs/manpages.html from template
Richard Levitte [Sun, 24 Feb 2019 22:13:23 +0000 (23:13 +0100)]
Remove redundancy: generate docs/manpages.html from template

Change Makefile accordingly

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/120)

20 months agoRemove redundancy: generate all manpage indexes from templates
Richard Levitte [Sun, 24 Feb 2019 22:07:03 +0000 (23:07 +0100)]
Remove redundancy: generate all manpage indexes from templates

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/120)

20 months agoRemove redundancy: produce news/changelog.html from a template
Richard Levitte [Sun, 24 Feb 2019 13:12:54 +0000 (14:12 +0100)]
Remove redundancy: produce news/changelog.html from a template

This templates produces a list of links to release changelogs from a
passed list of release versions.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/web/pull/120)