Changes between 1.0.0 and 1.1.0 [xx XXX xxxx]
+ *) Add -trusted_first option which attempts to find certificates in the
+ trusted store even if an untrusted chain is also supplied.
+ [Steve Henson]
+
*) Initial experimental support for explicitly trusted non-root CAs.
OpenSSL still tries to build a complete chain to a root but if an
intermediate CA has a trust setting included that is used. The first
whose return value is often ignored.
[Steve Henson]
- Changes between 0.9.8m (?) and 1.0.0 [xx XXX xxxx]
+ Changes between 0.9.8m and 1.0.0 [25 Feb 2010]
*) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
context. The operation can be customised via the ctrl mechanism in
*) Change 'Configure' script to enable Camellia by default.
[NTT]
+
+ Changes between 0.9.8m and 0.9.8n [xx XXX xxxx]
+
+ *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
+ could be crashed if the relevant tables were not present (e.g. chrooted).
+ [Tomas Hoger <thoger@redhat.com>]
Changes between 0.9.8l and 0.9.8m [xx XXX xxxx]