Changes between 1.0.0 and 1.1.0 [xx XXX xxxx]
+ *) New function OPENSSL_gmtime_diff to find the difference in days
+ and seconds between two tm structures. This will be used to provide
+ additional functionality for ASN1_TIME.
+ [Steve Henson]
+
*) New -sigopt option to the ca, req and x509 utilities. Additional
signature parameters can be passed using this option and in
particular PSS.
is enable if DEBUG_UNUSED is set. Add to several functions in evp.h
whose return value is often ignored.
[Steve Henson]
+
+ Changes between 1.0.0 and 1.0.0a [xx XXX xxxx]
+
+ *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
+ (CVE-2010-1633)
+ [Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
Changes between 0.9.8n and 1.0.0 [xx XXX xxxx]
*) Change 'Configure' script to enable Camellia by default.
[NTT]
+ Changes between 0.9.8n and 0.9.8o [xx XXX xxxx]
+
+ *) Correct a typo in the CMS ASN1 module which can result in invalid memory
+ access or freeing data twice (CVE-2010-0742)
+ [Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]
+
+ *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
+ common in certificates and some applications which only call
+ SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
+ [Steve Henson]
+
Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
*) When rejecting SSL/TLS records due to an incorrect version number, never