X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=17ddf7f021bc6f77c978da1a6366eeac03d48720;hp=7aae336e3757882016a00a47cc338ab67065cb52;hb=dc53a037b0ce091f2ade0d067ce9e88dd1c2ca21;hpb=fbd2164044f92383955a801ad1b2857d71e83f27

diff --git a/CHANGES b/CHANGES
index 7aae336e37..17ddf7f021 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,49 @@
 
  Changes between 1.0.0 and 1.1.0  [xx XXX xxxx]
 
+  *) New function OPENSSL_gmtime_diff to find the difference in days
+     and seconds between two tm structures. This will be used to provide
+     additional functionality for ASN1_TIME.
+     [Steve Henson]
+
+  *) New -sigopt option to the ca, req and x509 utilities. Additional
+     signature parameters can be passed using this option and in
+     particular PSS. 
+     [Steve Henson]
+
+  *) Add RSA PSS signing function. This will generate and set the
+     appropriate AlgorithmIdentifiers for PSS based on those in the
+     corresponding EVP_MD_CTX structure. No application support yet.
+     [Steve Henson]
+
+  *) Support for companion algorithm specific ASN1 signing routines.
+     New function ASN1_item_sign_ctx() signs a pre-initialised
+     EVP_MD_CTX structure and sets AlgorithmIdentifiers based on
+     the appropriate parameters.
+     [Steve Henson]
+
+  *) Add new algorithm specific ASN1 verification initialisation function
+     to EVP_PKEY_ASN1_METHOD: this is not in EVP_PKEY_METHOD since the ASN1
+     handling will be the same no matter what EVP_PKEY_METHOD is used.
+     Add a PSS handler to support verification of PSS signatures: checked
+     against a number of sample certificates.
+     [Steve Henson]
+
+  *) Add signature printing for PSS. Add PSS OIDs.
+     [Steve Henson, Martin Kaiser <lists@kaiser.cx>]
+
+  *) Add algorithm specific signature printing. An individual ASN1 method
+     can now print out signatures instead of the standard hex dump. 
+
+     More complex signatures (e.g. PSS) can print out more meaningful
+     information. Include DSA version that prints out the signature
+     parameters r, s.
+     [Steve Henson]
+
+  *) Add -trusted_first option which attempts to find certificates in the
+     trusted store even if an untrusted chain is also supplied.
+     [Steve Henson]
+
   *) Initial experimental support for explicitly trusted non-root CAs. 
      OpenSSL still tries to build a complete chain to a root but if an
      intermediate CA has a trust setting included that is used. The first
@@ -60,8 +103,14 @@
      is enable if DEBUG_UNUSED is set. Add to several functions in evp.h
      whose return value is often ignored. 
      [Steve Henson]
+  
+ Changes between 1.0.0 and 1.0.0a  [xx XXX xxxx]
+  
+  *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover 
+     (CVE-2010-1633)
+     [Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
 
- Changes between 0.9.8m (?) and 1.0.0  [xx XXX xxxx]
+ Changes between 0.9.8n and 1.0.0  [xx XXX xxxx]
 
   *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
      context. The operation can be customised via the ctrl mechanism in
@@ -80,10 +129,6 @@
      it from client hello again. Don't allow server to change algorithm.
      [Steve Henson]
 
-  *) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
-     change when encrypting or decrypting.
-     [Bodo Moeller]
-
   *) Add load_crls() function to apps tidying load_certs() too. Add option
      to verify utility to allow additional CRLs to be included.
      [Steve Henson]
@@ -905,8 +950,37 @@
 
   *) Change 'Configure' script to enable Camellia by default.
      [NTT]
+  
+ Changes between 0.9.8n and 0.9.8o [xx XXX xxxx]
+
+  *) Correct a typo in the CMS ASN1 module which can result in invalid memory
+     access or freeing data twice (CVE-2010-0742)
+     [Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]
+
+  *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
+     common in certificates and some applications which only call
+     SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
+     [Steve Henson]
 
- Changes between 0.9.8l and 0.9.8m  [xx XXX xxxx]
+ Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
+
+  *) When rejecting SSL/TLS records due to an incorrect version number, never
+     update s->server with a new major version number.  As of
+     - OpenSSL 0.9.8m if 'short' is a 16-bit type,
+     - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
+     the previous behavior could result in a read attempt at NULL when
+     receiving specific incorrect SSL/TLS records once record payload
+     protection is active.  (CVE-2010-####)
+     [Bodo Moeller, Adam Langley]
+
+  *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL 
+     could be crashed if the relevant tables were not present (e.g. chrooted).
+     [Tomas Hoger <thoger@redhat.com>]
+
+ Changes between 0.9.8l and 0.9.8m [25 Feb 2010]
+
+  *) Always check bn_wexpend() return values for failure.  (CVE-2009-3245)
+     [Martin Olsson, Neel Mehta]
 
   *) Fix X509_STORE locking: Every 'objs' access requires a lock (to
      accommodate for stack sorting, always a write lock!).
@@ -939,6 +1013,10 @@
      CVE-2009-4355.
      [Steve Henson]
 
+  *) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
+     change when encrypting or decrypting.
+     [Bodo Moeller]
+
   *) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
      connect and renegotiate with servers which do not support RI.
      Until RI is more widely deployed this option is enabled by default.