projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
DSA verification should insist that r and s are in the allowed range.
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index d85f3492b5e31520df602ea1eb1c551a9ec88a47..c0390345baeee5e8dc1142151170c8eeb1891ebf 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -11,6 +11,10 @@
          *) applies to 0.9.6a (/0.9.6b) and 0.9.7
          +) applies to 0.9.7 only
 
+  *) In dsa_do_verify (crypto/dsa/dsa_ossl.c), verify that r and s are
+     positive and less than q.
+     [Bodo Moeller]
+
   +) Enhance the general user interface with mechanisms for inner control
      and with pssibilities to have yes/no kind of prompts.
      [Richard Levitte]
Unnamed repository; edit this file 'description' to name the repository.