Omit padding in RC4_KEY on IA-64. The idea behind padding was to reserve

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index d02d20e161982f779098d0bb9346daf447260f13..e828f127fa91a1325f771cfb3f1a60694b936b31 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,8 +2,19 @@
  OpenSSL CHANGES
  _______________
 
+ Changes between 0.9.8 and 0.9.9  [xx XXX xxxx]
+
+  *) 
+
  Changes between 0.9.7h and 0.9.8  [xx XXX xxxx]
 
+  *) Correct naming of the 'chil' and '4758cca' ENGINEs. This
+     involves renaming the source and generated shared-libs for
+     both. The engines will accept the corrected or legacy ids
+     ('ncipher' and '4758_cca' respectively) when binding. NB,
+     this only applies when building 'shared'.
+     [Corinna Vinschen <vinschen@redhat.com> and Geoff Thorpe]
+
   *) Add attribute functions to EVP_PKEY structure. Modify
      PKCS12_create() to recognize a CSP name attribute and
      use it. Make -CSP option work again in pkcs12 utility.
@@ -799,6 +810,17 @@
 
  Changes between 0.9.7g and 0.9.7h  [XX xxx XXXX]
 
+  *) Minimal support for X9.31 signatures and PSS padding modes. This is
+     mainly for FIPS compliance and not fully integrated at this stage.
+     [Steve Henson]
+
+  *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform
+     the exponentiation using a fixed-length exponent.  (Otherwise,
+     the information leaked through timing could expose the secret key
+     after many signatures; cf. Bleichenbacher's attack on DSA with
+     biased k.)
+     [Bodo Moeller]
+
   *) Make a new fixed-window mod_exp implementation the default for
      RSA, DSA, and DH private-key operations so that the sequence of
      squares and multiplies and the memory access pattern are