avoid SIGSEGV

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 6684dafa3d90cfb8cba75f8f50c0d28c35d63667..231986b27bfef42aa401b3c8d981ed78b8d88e6c 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,15 @@
 
  Changes between 0.9.7 and 0.9.8  [xx XXX 2002]
 
+  *) Let BN_rand_range() abort with an error after 100 iterations
+     without success (which indicates a broken PRNG).
+     [Bodo Moeller]
+
+  *) Change BN_mod_sqrt() so that it verifies that the input value
+     is really the square of the return value.  (Previously,
+     BN_mod_sqrt would show GIGO behaviour.)
+     [Bodo Moeller]
+
   *) Add named elliptic curves over binary fields from X9.62, SECG,
      and WAP/WTLS; add OIDs that were still missing.
 
@@ -21,8 +30,6 @@
           EC_GROUP_new_curve_GF2m
           EC_GROUP_set_curve_GF2m
           EC_GROUP_get_curve_GF2m
-          EC_POINT_set_Jprojective_coordinates_GF2m
-          EC_POINT_get_Jprojective_coordinates_GF2m
           EC_POINT_set_affine_coordinates_GF2m
           EC_POINT_get_affine_coordinates_GF2m
           EC_POINT_set_compressed_coordinates_GF2m
@@ -36,8 +43,8 @@
      between the implementations for prime fields and binary fields;
      the above ..._GF2m functions (except for EX_GROUP_new_curve_GF2m)
      are essentially identical to their ..._GFp counterparts.
-     (For simplicity, '..._GFp' prefix has been dropped from various
-     internal method names.)
+     (For simplicity, the '..._GFp' prefix has been dropped from
+     various internal method names.)
 
      An internal 'field_div' method (similar to 'field_mul' and
      'field_sqr') has been added; this is used only for binary fields.
@@ -45,7 +52,7 @@
      [Sheueling Chang Shantz and Douglas Stebila
      (Sun Microsystems Laboratories)]
 
-  *) Optionally dispatch EC_PONT_mul(), EC_POINT_precompute_mult()
+  *) Optionally dispatch EC_POINT_mul(), EC_POINT_precompute_mult()
      through methods ('mul', 'precompute_mult').
 
      The generic implementations (now internally called 'ec_wNAF_mul'
@@ -113,9 +120,11 @@
 
      bntest.c has additional tests for binary polynomial arithmetic.
 
-     Two implementations for BN_GF2m_mod_div() are available (selected
-     at compile-time).  ...
-TBD ... OPENSSL_NO_SUN_DIV ...  --Bodo
+     Two implementations for BN_GF2m_mod_div() are available.
+     The default algorithm simply uses BN_GF2m_mod_inv() and
+     BN_GF2m_mod_mul().  The alternative algorithm is compiled in only
+     if OPENSSL_SUN_GF2M_DIV is defined (patent pending; read the
+     copyright notice in crypto/bn/bn_gf2m.c before enabling it).
 
      [Sheueling Chang Shantz and Douglas Stebila
      (Sun Microsystems Laboratories)]
@@ -1886,6 +1895,12 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
 
  Changes between 0.9.6e and 0.9.6f  [XX xxx XXXX]
 
+  *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
+     and get fix the header length calculation.
+     [Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>,
+       Alon Kantor <alonk@checkpoint.com> (and others),
+       Steve Henson]
+
   *) Use proper error handling instead of 'assertions' in buffer
      overflow checks added in 0.9.6e.  This prevents DoS (the
      assertions could call abort()).