Change --debug to -d for compat with old releases.

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 27cf65ead8d841e73c1ea7329fe90d6ef4418224..1dc6dc6223e1fa2121be5911b4f26e91e192b90e 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,15 @@
 
  Changes between 1.0.2d and 1.0.2e [xx XXX xxxx]
 
-  *)
+  *) Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs.
+     This changes the decoding behaviour for some invalid messages,
+     though the change is mostly in the more lenient direction, and
+     legacy behaviour is preserved as much as possible.
+     [Emilia Käsper]
+
+  *) In DSA_generate_parameters_ex, if the provided seed is too short,
+     return an error
+     [Rich Salz and Ismo Puustinen <ismo.puustinen@intel.com>]
 
  Changes between 1.0.2c and 1.0.2d [9 Jul 2015]
 
@@ -276,6 +284,10 @@
 
  Changes between 1.0.1l and 1.0.2 [22 Jan 2015]
 
+  *) Change RSA and DH/DSA key generation apps to generate 2048-bit
+     keys by default.
+     [Kurt Roeckx]
+
   *) Facilitate "universal" ARM builds targeting range of ARM ISAs, e.g.
      ARMv5 through ARMv8, as opposite to "locking" it to single one.
      So far those who have to target multiple plaforms would compromise
@@ -914,7 +926,7 @@
      [mancha <mancha1@zoho.com>]
 
   *) Fix eckey_priv_encode so it immediately returns an error upon a failure
-     in i2d_ECPrivateKey.
+     in i2d_ECPrivateKey.  Thanks to Ted Unangst for feedback on this issue.
      [mancha <mancha1@zoho.com>]
 
   *) Fix some double frees. These are not thought to be exploitable.