projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
1e024f0
)
Harmonize with OpenSSL_1_0_1-stable version of CHANGES.
author
Bodo Möller
<bodo@openssl.org>
Thu, 26 Aug 2010 11:22:33 +0000
(11:22 +0000)
committer
Bodo Möller
<bodo@openssl.org>
Thu, 26 Aug 2010 11:22:33 +0000
(11:22 +0000)
CHANGES
patch
|
blob
|
history
diff --git
a/CHANGES
b/CHANGES
index 813a8bc23538bdb2b38c614e555d5d757ccbff22..65cfb49e011cbd41bac9bf67c043abe209b46018 100644
(file)
--- a/
CHANGES
+++ b/
CHANGES
@@
-105,7
+105,7
@@
whose return value is often ignored.
[Steve Henson]
whose return value is often ignored.
[Steve Henson]
- Changes between 1.0.0 and 1.0.1 [xx XXX xxxx]
+ Changes between 1.0.0
a
and 1.0.1 [xx XXX xxxx]
*) Add call to ENGINE_register_all_complete() to
ENGINE_load_builtin_engines(), so some implementations get used
*) Add call to ENGINE_register_all_complete() to
ENGINE_load_builtin_engines(), so some implementations get used
@@
-127,18
+127,17
@@
Changes between 1.0.0a and 1.0.0b [xx XXX xxxx]
Changes between 1.0.0a and 1.0.0b [xx XXX xxxx]
-
*) Fix WIN32 build system to correctly link an ENGINE directory into
a DLL.
[Steve Henson]
*) Fix WIN32 build system to correctly link an ENGINE directory into
a DLL.
[Steve Henson]
- Changes between 1.0.0 and 1.0.0a [
xx XXX xxxx
]
-
+ Changes between 1.0.0 and 1.0.0a [
01 Jun 2010
]
+
*) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
(CVE-2010-1633)
[Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
*) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
(CVE-2010-1633)
[Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
- Changes between 0.9.8n and 1.0.0 [
xx XXX xxxx
]
+ Changes between 0.9.8n and 1.0.0 [
29 Mar 2010
]
*) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
context. The operation can be customised via the ctrl mechanism in
*) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
context. The operation can be customised via the ctrl mechanism in
@@
-979,7
+978,10
@@
*) Change 'Configure' script to enable Camellia by default.
[NTT]
*) Change 'Configure' script to enable Camellia by default.
[NTT]
- Changes between 0.9.8n and 0.9.8o [xx XXX xxxx]
+ Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
+
+ [NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after
+ OpenSSL 1.0.0.]
*) Correct a typo in the CMS ASN1 module which can result in invalid memory
access or freeing data twice (CVE-2010-0742)
*) Correct a typo in the CMS ASN1 module which can result in invalid memory
access or freeing data twice (CVE-2010-0742)
@@
-990,6
+992,12
@@
SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
[Steve Henson]
SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
[Steve Henson]
+ *) VMS fixes:
+ Reduce copying into .apps and .test in makevms.com
+ Don't try to use blank CA certificate in CA.com
+ Allow use of C files from original directories in maketests.com
+ [Steven M. Schweda" <sms@antinode.info>]
+
Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
*) When rejecting SSL/TLS records due to an incorrect version number, never
Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
*) When rejecting SSL/TLS records due to an incorrect version number, never
@@
-998,8
+1006,8
@@
- OpenSSL 0.9.8f if 'short' is longer than 16 bits,
the previous behavior could result in a read attempt at NULL when
receiving specific incorrect SSL/TLS records once record payload
- OpenSSL 0.9.8f if 'short' is longer than 16 bits,
the previous behavior could result in a read attempt at NULL when
receiving specific incorrect SSL/TLS records once record payload
- protection is active. (CVE-2010-
####
)
- [Bodo Moeller, Adam Langley]
+ protection is active. (CVE-2010-
0740
)
+ [Bodo Moeller, Adam Langley
<agl@chromium.org>
]
*) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
*) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).