X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=f7f2258bbf306fe5829a0944dbfde99231418a93;hp=1a3c3eed792a234b31023346170f6918250ea5fa;hb=c9fd9152bd35ff48f1858eb1a4195ca02866ca9c;hpb=02ee8626fbf52c6b1cd7ce2508369f59eda701e9

diff --git a/CHANGES b/CHANGES
index 1a3c3eed79..f7f2258bbf 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,8 +1,30 @@
+
  OpenSSL CHANGES
  _______________
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) Change bctest to avoid here-documents inside command substitution
+     (workaround for FreeBSD /bin/sh bug).
+     [Bodo Moeller]
+
+  *) Rename 'des_encrypt' to 'des_encrypt1'.  This avoids the clashes
+     with des_encrypt() defined on some operating systems, like Solaris
+     and UnixWare.
+     [Richard Levitte]
+
+  *) Check the result of RSA-CRT (see D. Boneh, R. DeMillo, R. Lipton:
+     On the Importance of Eliminating Errors in Cryptographic
+     Computations, J. Cryptology 14 (2001) 2, 101-119,
+     http://theory.stanford.edu/~dabo/papers/faults.ps.gz).
+     [Ulf Moeller]
+  
+  *) MIPS assembler BIGNUM division bug fix. 
+     [Andy Polyakov]
+
+  *) Disabled incorrect Alpha assembler code.
+     [Richard Levitte]
+
   *) Fix bug in PKCS#12 key generation routines. This was triggered
      if a 3DES key was generated with a 0 initial byte. Include
      PKCS12_BROKEN_KEYGEN compilation option to retain the old
@@ -424,16 +446,16 @@
      Fix leaks in PKCS12 and PKCS7 routines.
      [Steve Henson]
 
-  *) Fix for Irix with NO_ASM.
-     ["Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]
-
   *) Add some EVP_add_digest_alias registrations (as found in
-     OpenSSL_add_all_digests()), to SSL_library_init()
+     OpenSSL_add_all_digests()) to SSL_library_init()
      aka OpenSSL_add_ssl_algorithms().  This provides improved
      compatibility with peers using X.509 certificates
      with unconventional AlgorithmIdentifier OIDs.
      [Bodo Moeller]
 
+  *) Fix for Irix with NO_ASM.
+     ["Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]
+
   *) ./config script fixes.
      [Ulf Moeller, Richard Levitte]
 
@@ -798,6 +820,10 @@
      be handled deterministically).
      [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller]
 
+  *) Add a 'bctest' script that checks for some known 'bc' bugs
+     so that 'make test' does not abort just because 'bc' is broken.
+     [Bodo Moeller]
+
   *) Store verify_result within SSL_SESSION also for client side to
      avoid potential security hole. (Re-used sessions on the client side
      always resulted in verify_result==X509_V_OK, not using the original
@@ -1082,6 +1108,9 @@
      matter what.
      [Richard Levitte]
 
+  *) Added several new manual pages for SSL_* function.
+     [Lutz Jaenicke]
+
  Changes between 0.9.5a and 0.9.6  [24 Sep 2000]
 
   *) In ssl23_get_client_hello, generate an error message when faced