X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=7c44f0d9899e59450f397cec5ca2efb6939f61d0;hp=5cbe87694968a1b96c232366077ccffaf6be2488;hb=ec3657f81fcb16c7f468833bab94c4ba85131eb9;hpb=c94f7f657bdfb94383413923d3cd522ed8ca955f diff --git a/CHANGES b/CHANGES index 5cbe876949..7c44f0d989 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,29 @@ OpenSSL CHANGES _______________ - Changes between 1.0.0 and 1.1.0 [xx XXX xxxx] + Changes between 1.0.1 and 1.1.0 [xx XXX xxxx] + + *) If a candidate issuer certificate is already part of the constructed + path ignore it: new debug notification X509_V_ERR_PATH_LOOP for this case. + [Steve Henson] + + *) Improve forward-security support: add functions + + void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx, int (*cb)(SSL *ssl, int is_forward_secure)) + void SSL_set_not_resumable_session_callback(SSL *ssl, int (*cb)(SSL *ssl, int is_forward_secure)) + + for use by SSL/TLS servers; the callback function will be called whenever a + new session is created, and gets to decide whether the session may be + cached to make it resumable (return 0) or not (return 1). (As by the + SSL/TLS protocol specifications, the session_id sent by the server will be + empty to indicate that the session is not resumable; also, the server will + not generate RFC 4507 (RFC 5077) session tickets.) + + A simple reasonable callback implementation is to return is_forward_secure. + This parameter will be set to 1 or 0 depending on the ciphersuite selected + by the SSL/TLS server library, indicating whether it can provide forward + security. + [Emilia Käsper (Google)] *) Add Next Protocol Negotiation, http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be 
@@ -105,7 +127,26 @@ whose return value is often ignored. [Steve Henson] - Changes between 1.0.0a and 1.0.1 [xx XXX xxxx] + Changes between 1.0.0c and 1.0.1 [xx XXX xxxx] + + *) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id. + [Steve Henson] + + *) Add EC_GFp_nistp224_method(), a 64-bit optimized implementation for + elliptic curve NIST-P224 with constant-time single point multiplication on + typical inputs. EC_GROUP_new_by_curve_name() will automatically use this + (while EC_GROUP_new_curve_GFp() currently won't and prefers the more + flexible implementations). + + The implementation requires support for the nonstandard type __uint128_t, + and so is disabled by default. To include this in your build of OpenSSL, + use -DEC_NISTP224_64_GCC_128 on the Configure (or config) command line, + and run "make depend" (or "make update"). + [Emilia Käsper (Google)] + + *) Permit abbreviated handshakes when renegotiating using the function + SSL_renegotiate_abbreviated(). + [Robin Seggelmann ] *) Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(), so some implementations get used 
@@ -125,7 +166,25 @@ Add command line options to s_client/s_server. [Steve Henson] - Changes between 1.0.0a and 1.0.0b [xx XXX xxxx] + Changes between 1.0.0c and 1.0.0d [xx XXX xxxx] + + *) Fix bug in string printing code: if *any* escaping is enabled we must + escape the escape character (backslash) or the resulting string is + ambiguous. + [Steve Henson] + + Changes between 1.0.0b and 1.0.0c [2 Dec 2010] + + *) Fixed J-PAKE implementation error, originally discovered by + Sebastien Martini, further info and confirmation from Stefan + Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252 + [Ben Laurie] + + Changes between 1.0.0a and 1.0.0b [16 Nov 2010] + + *) Fix extension code to avoid race conditions which can result in a buffer + overrun vulnerability: resumed sessions must not be modified as they can + be shared by multiple threads. CVE-2010-3864 *) Fix WIN32 build system to correctly link an ENGINE directory into a DLL. @@ -980,6 +1039,18 @@ Changes between 0.9.8o and 0.9.8p [xx XXX xxxx] + *) Fix extension code to avoid race conditions which can result in a buffer + overrun vulnerability: resumed sessions must not be modified as they can + be shared by multiple threads. CVE-2010-3864 + + *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939 + [Steve Henson] + + *) Don't reencode certificate when calculating signature: cache and use + the original encoding instead. This makes signature verification of + some broken encodings work correctly. + [Steve Henson] + *) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT is also one of the inputs. [Emilia Käsper (Google)]
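Review bot: in the first hunk (@@ -2,7 +2,29 @@), the SSL_CTX_set_not_resumable_session_callback entry defines the return value with inverted sense ("resumable (return 0) or not (return 1)") and then recommends returning is_forward_secure without saying why. Suggest one sentence stating the consequence directly: with that callback, sessions negotiated with a forward-secure ciphersuite are not cached and get no session ticket, while all other sessions stay resumable. The entry should also say what the server does when no callback is set. Minor points: "As by the SSL/TLS protocol specifications" should read "As per", and for X509_V_ERR_PATH_LOOP the words "debug notification" leave it unclear whether verification fails or the candidate issuer is only skipped.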
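Review bot: in the hunk at @@ -105,7 +127,26 @@, the EC_GFp_nistp224_method() entry claims "constant-time single point multiplication on typical inputs" without defining "typical". For a side-channel claim, the entry should state which inputs or operations fall outside the guarantee. The same entry says EC_GROUP_new_curve_GFp() will not select this method, so it is worth stating explicitly that callers who construct the group that way do not get the new implementation. The EVP_PKEY_METHOD entry should name the functions it adds, as the other API entries in this patch do.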
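Review bot: in the hunk at @@ -125,7 +166,25 @@, the CVE-2010-3864 entry is the only added entry without an attribution line, and "extension code" does not say which extension handling is affected. Since the text gives the cause as resumed sessions that "can be shared by multiple threads", suggest saying explicitly whether only multi-threaded applications that resume sessions are exposed, so readers can judge their own risk. The J-PAKE entry (CVE-2010-4252) says only "implementation error"; one clause on what was wrong would help readers decide whether they need the upgrade.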
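Review bot: in the last hunk (@@ -980,6 +1039,18 @@), the new security entries land under "Changes between 0.9.8o and 0.9.8p [xx XXX xxxx]", which keeps its placeholder date, while the 1.0.0a to 1.0.0b heading carrying the same CVE-2010-3864 text is dated 16 Nov 2010 elsewhere in this patch. If 0.9.8p has shipped, this heading should be dated as well. The CVE-2010-2939 entry names only the file (ssl/s3_clnt.c); a few words on the condition that triggers the double free would make it usable as an advisory pointer. The CVE-2010-3864 entry in this hunk also lacks an attribution line.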