recalculate DSA signature if r or s is zero (FIPS 186-3 requirement)

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 6157a1ef0db391fe3d9c34f9810821731064d2ff..7c44f0d9899e59450f397cec5ca2efb6939f61d0 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 1.0.1 and 1.1.0  [xx XXX xxxx]
 
+  *) If a candidate issuer certificate is already part of the constructed
+     path ignore it: new debug notification X509_V_ERR_PATH_LOOP for this case.
+     [Steve Henson]
+
   *) Improve forward-security support: add functions
 
        void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx, int (*cb)(SSL *ssl, int is_forward_secure))
@@ -162,7 +166,14 @@
        Add command line options to s_client/s_server.
      [Steve Henson]
 
- Changes between 1.0.0b and 1.0.0c  [xx XXX xxxx]
+ Changes between 1.0.0c and 1.0.0d [xx XXX xxxx]
+
+  *) Fix bug in string printing code: if *any* escaping is enabled we must
+     escape the escape character (backslash) or the resulting string is
+     ambiguous.
+     [Steve Henson]
+
+ Changes between 1.0.0b and 1.0.0c  [2 Dec 2010]
 
   *) Fixed J-PAKE implementation error, originally discovered by
      Sebastien Martini, further info and confirmation from Stefan