X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=STATUS;h=e04c545aa058b2c1a886720ca32389bfd0e8a830;hp=5731aae29f47361bf86094955233f31b58cd87ca;hb=9f100cf3441a56bdb4404bf5cc9747085e2c53a0;hpb=36969082bb6e2f6304388c2d7f50854822e1220c diff --git a/STATUS b/STATUS index 5731aae29f..e04c545aa0 100644 --- a/STATUS +++ b/STATUS @@ -1,13 +1,17 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2002/08/12 06:53:17 $ + ______________ $Date: 2002/12/12 19:40:55 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... - o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 - o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 - o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 + o OpenSSL 0.9.7-beta5: Released on December 5th, 2002 + o OpenSSL 0.9.7-beta4: Released on November 19th, 2002 + Debian GNU/Linux (kernel version 2.4.19, gcc 2.95.4) - PASSED + o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 + o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 + o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 + o OpenSSL 0.9.6h: Released on December 5th, 2002 o OpenSSL 0.9.6g: Released on August 9th, 2002 o OpenSSL 0.9.6f: Released on August 8th, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 @@ -31,6 +35,18 @@ o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm + o [2002-11-21] + PR 343 mentions that scrubbing memory with 'memset(ptr, 0, n)' may + be optimized away in modern compilers. This is definitely not good + and needs to be fixed immediately. The formula to use is presented + in: + + http://online.securityfocus.com/archive/82/297918/2002-10-27/2002-11-02/0 + + The problem report that mentions this is: + + https://www.aet.TU-Cottbus.DE/rt2/Ticket/Display.html?id=343 + AVAILABLE PATCHES o @@ -52,12 +68,19 @@ UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. - Kerberos 5 authentication + Kerberos 5 authentication (Heimdal) Constification - OCSP + Compression + Attribute Certificate support + Certificate Pair support + Storage Engines (primarly an LDAP storage engine) + Certificate chain validation with full RFC 3280 compatibility NEEDS PATCH + o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not + handle ECCdraft cipher suites correctly. + o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file o "OpenSSL STATUS" is never up-to-date.