*) Change 'Configure' script to enable Camellia by default.
[NTT]
- Changes between 0.9.8i and 0.9.8j [xx XXX xxxx]
-
- *) Update Configure code and WIN32 build scripts to support experimental
- code. This is surrounded by OPENSSL_EXPERIMENTAL_FOO and not compiled
- in by default. Using the configuration option "enable-experimental-foo"
- enables it. Use this option for JPAKE.
- [Steve Henson]
+ Changes between 0.9.8i and 0.9.8j [07 Jan 2009]
+
+ *) Properly check EVP_VerifyFinal() and similar return values
+ (CVE-2008-5077).
+ [Ben Laurie, Bodo Moeller, Google Security Team]
+
+ *) Allow the CHIL engine to be loaded, whether the application is
+ multithreaded or not. (This does not release the developer from the
+ obligation to set up the dynamic locking callbacks.)
+ [Sander Temme <sander@temme.net>]
+
+ *) Use correct exit code if there is an error in dgst command.
+ [Steve Henson; problem pointed out by Roland Dirlewanger]
+
+ *) Tweak Configure so that you need to say "experimental-jpake" to enable
+ JPAKE, and need to use -DOPENSSL_EXPERIMENTAL_JPAKE in applications.
+ [Bodo Moeller]
- *) Add JPAKE support, including demo authentication in s_client and
- s_server.
+ *) Add experimental JPAKE support, including demo authentication in
+ s_client and s_server.
[Ben Laurie]
*) Set the comparison function in v3_addr_canonize().