X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=STATUS;h=0d7707d0b6db1aaec46ab4bd406ba4381bd2f45a;hp=bcfd8d42e2c88f8bbce81a28c5076d9d73d0021c;hb=2047bda6fb8bedab1103b7bd5df5ea55eb7ccc9b;hpb=fbe792f0ac378a56ba77178bb319d07ed42df0e4 diff --git a/STATUS b/STATUS index bcfd8d42e2..0d7707d0b6 100644 --- a/STATUS +++ b/STATUS @@ -1,13 +1,16 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2002/08/08 22:55:28 $ + ______________ $Date: 2002/11/21 22:39:08 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... + o OpenSSL 0.9.7-beta4: Released on November 19th, 2002 + Debian GNU/Linux (kernel version 2.4.19, gcc 2.95.4) - PASSED o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 + o OpenSSL 0.9.6g: Released on August 9th, 2002 o OpenSSL 0.9.6f: Released on August 8th, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 o OpenSSL 0.9.6d: Released on May 9th, 2002 @@ -30,6 +33,18 @@ o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm + o [2002-11-21] + PR 343 mentions that scrubbing memory with 'memset(ptr, 0, n)' may + be optimized away in modern compilers. This is definitely not good + and needs to be fixed immediately. The formula to use is presented + in: + + http://online.securityfocus.com/archive/82/297918/2002-10-27/2002-11-02/0 + + The problem report that mentions this is: + + https://www.aet.TU-Cottbus.DE/rt2/Ticket/Display.html?id=343 + AVAILABLE PATCHES o @@ -57,6 +72,9 @@ NEEDS PATCH + o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not + handle ECCdraft cipher suites correctly. + o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file o "OpenSSL STATUS" is never up-to-date.