Since it's defined in draft-ietf-tls-compression-04.txt, let's make

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index f5bda1b6949426420964dc0aade26ddbe78638cb..8d47c0e171a726dc3f71902edb091b76513dd76a 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -335,6 +335,11 @@ TODO: bug: pad  x  with leading zeros if necessary
  
  Changes between 0.9.6h and 0.9.7  [XX xxx 2002]
 
+  *) In asn1_d2i_read_bio() repeatedly call BIO_read() until all content
+     octets have been read, EOF or an error occurs. Without this change
+     some truncated ASN1 structures will not produce an error.
+     [Steve Henson]
+
   *) Disable Heimdal support, since it hasn't been fully implemented.
      Still give the possibility to force the use of Heimdal, but with
      warnings and a request that patches get sent to openssl-dev.
@@ -2114,7 +2119,15 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   *) Clean old EAY MD5 hack from e_os.h.
      [Richard Levitte]
 
- Changes between 0.9.6g and 0.9.6h  [xx XXX xxxx]
+ Changes between 0.9.6g and 0.9.6h  [5 Dec 2002]
+
+  *) New function OPENSSL_cleanse(), which is used to cleanse a section of
+     memory from it's contents.  This is done with a counter that will
+     place alternating values in each byte.  This can be used to solve
+     two issues: 1) the removal of calls to memset() by highly optimizing
+     compilers, and 2) cleansing with other values than 0, since those can
+     be read through on certain media, for example a swap space on disk.
+     [Geoff Thorpe]
 
   *) Bugfix: client side session caching did not work with external caching,
      because the session->cipher setting was not restored when reloading