i variable is used on some platforms

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index a0736f43f3391a2dc1361773ee2919b11be20171..17ddf7f021bc6f77c978da1a6366eeac03d48720 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,11 @@
 
  Changes between 1.0.0 and 1.1.0  [xx XXX xxxx]
 
+  *) New function OPENSSL_gmtime_diff to find the difference in days
+     and seconds between two tm structures. This will be used to provide
+     additional functionality for ASN1_TIME.
+     [Steve Henson]
+
   *) New -sigopt option to the ca, req and x509 utilities. Additional
      signature parameters can be passed using this option and in
      particular PSS. 
@@ -98,6 +103,12 @@
      is enable if DEBUG_UNUSED is set. Add to several functions in evp.h
      whose return value is often ignored. 
      [Steve Henson]
+  
+ Changes between 1.0.0 and 1.0.0a  [xx XXX xxxx]
+  
+  *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover 
+     (CVE-2010-1633)
+     [Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
 
  Changes between 0.9.8n and 1.0.0  [xx XXX xxxx]
 
@@ -942,6 +953,10 @@
   
  Changes between 0.9.8n and 0.9.8o [xx XXX xxxx]
 
+  *) Correct a typo in the CMS ASN1 module which can result in invalid memory
+     access or freeing data twice (CVE-2010-0742)
+     [Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]
+
   *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
      common in certificates and some applications which only call
      SSL_library_init and not OpenSSL_add_all_algorithms() will fail.