X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=65cfb49e011cbd41bac9bf67c043abe209b46018;hp=7005f1cd892fe6e117abc064276c2cd6e1b78741;hb=173350bccaf25d6114a7108ccceabb974f125fa4;hpb=7bbd0de88dd179be6171ecf9e190561127cdd15f

diff --git a/CHANGES b/CHANGES
index 7005f1cd89..65cfb49e01 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,17 @@
 
  Changes between 1.0.0 and 1.1.0  [xx XXX xxxx]
 
+  *) Add Next Protocol Negotiation,
+     http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be
+     disabled with a no-npn flag to config or Configure. Code donated
+     by Google.
+     [Adam Langley <agl@google.com> and Ben Laurie]
+
+  *) Use type ossl_ssize_t instad of ssize_t which isn't available on
+     all platforms. Move ssize_t definition from e_os.h to the public
+     header file e_os2.h as it now appears in public header file cms.h
+     [Steve Henson]
+
   *) New function OPENSSL_gmtime_diff to find the difference in days
      and seconds between two tm structures. This will be used to provide
      additional functionality for ASN1_TIME.
@@ -94,7 +105,7 @@
      whose return value is often ignored. 
      [Steve Henson]
   
- Changes between 1.0.0 and 1.0.1  [xx XXX xxxx]
+ Changes between 1.0.0a and 1.0.1  [xx XXX xxxx]
 
   *) Add call to ENGINE_register_all_complete() to
      ENGINE_load_builtin_engines(), so some implementations get used
@@ -114,13 +125,19 @@
        Add command line options to s_client/s_server.
      [Steve Henson]
 
- Changes between 1.0.0 and 1.0.0a  [xx XXX xxxx]
-  
+ Changes between 1.0.0a and 1.0.0b  [xx XXX xxxx]
+
+  *) Fix WIN32 build system to correctly link an ENGINE directory into
+     a DLL. 
+     [Steve Henson]
+
+ Changes between 1.0.0 and 1.0.0a  [01 Jun 2010]
+
   *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover 
      (CVE-2010-1633)
      [Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
 
- Changes between 0.9.8n and 1.0.0  [xx XXX xxxx]
+ Changes between 0.9.8n and 1.0.0  [29 Mar 2010]
 
   *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
      context. The operation can be customised via the ctrl mechanism in
@@ -961,7 +978,10 @@
   *) Change 'Configure' script to enable Camellia by default.
      [NTT]
   
- Changes between 0.9.8n and 0.9.8o [xx XXX xxxx]
+ Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
+
+  [NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after
+  OpenSSL 1.0.0.]
 
   *) Correct a typo in the CMS ASN1 module which can result in invalid memory
      access or freeing data twice (CVE-2010-0742)
@@ -972,6 +992,12 @@
      SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
      [Steve Henson]
 
+  *) VMS fixes: 
+     Reduce copying into .apps and .test in makevms.com
+     Don't try to use blank CA certificate in CA.com
+     Allow use of C files from original directories in maketests.com
+     [Steven M. Schweda" <sms@antinode.info>]
+
  Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
 
   *) When rejecting SSL/TLS records due to an incorrect version number, never
@@ -980,8 +1006,8 @@
      - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
      the previous behavior could result in a read attempt at NULL when
      receiving specific incorrect SSL/TLS records once record payload
-     protection is active.  (CVE-2010-####)
-     [Bodo Moeller, Adam Langley]
+     protection is active.  (CVE-2010-0740)
+     [Bodo Moeller, Adam Langley <agl@chromium.org>]
 
   *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL 
      could be crashed if the relevant tables were not present (e.g. chrooted).