Fix for CVE-2014-0076
[openssl.git] / CHANGES
2014-03-12 Dr. Stephen HensonFix for CVE-2014-0076
2014-01-06 Dr. Stephen HensonPrepare for 1.0.0m-dev
2014-01-06 Dr. Stephen HensonPrepare for 1.0.0l release OpenSSL_1_0_0l
2013-12-20 Dr. Stephen HensonFix DTLS retransmission from previous session.
2013-10-04 Ben LaurieMerge branch 'rob-100' into OpenSSL_1_0_0-stable
2013-10-04 Rob StradlingUpdate CHANGES.
2013-09-16 Bodo MoellerSync CHANGES and NEWS files.
2013-02-06 Dr. Stephen Hensonprepare for next version
2013-02-05 Dr. Stephen Hensonprepare for release OpenSSL_1_0_0k
2013-02-05 Dr. Stephen HensonUpdate CHANGES and NEWS
2013-02-05 Dr. Stephen HensonDon't try and verify signatures if key is NULL (CVE...
2012-10-04 Ben LaurieBackport OCSP Stapling fix.
2012-05-11 Dr. Stephen HensonPR: 2813
2012-05-10 Dr. Stephen Hensonprepare for next version
2012-05-10 Dr. Stephen Hensonprepare for 1.0.0j release OpenSSL_1_0_0j
2012-05-10 Dr. Stephen HensonSanity check record length before skipping explicit...
2012-05-10 Dr. Stephen HensonReported by: Solar Designer of Openwall
2012-04-19 Dr. Stephen Hensonprepare for next version
2012-04-19 Dr. Stephen Hensonprepare for 1.0.0i release OpenSSL_1_0_0i
2012-04-19 Dr. Stephen HensonCheck for potentially exploitable overflows in asn1_d2i...
2012-03-12 Dr. Stephen Hensonprepare for next version
2012-03-12 Dr. Stephen Hensonprepare for release
2012-03-12 Dr. Stephen HensonFix for CMS/PKCS7 MMA. If RSA decryption fails use...
2012-02-16 Dr. Stephen HensonFix bug in CVE-2011-4619: check we have really received...
2012-01-18 Dr. Stephen Hensonprepare for next version
2012-01-18 Dr. Stephen Hensonprepare for release OpenSSL_1_0_0g
2012-01-18 Dr. Stephen HensonFix for DTLS DoS issue introduced by fix for CVE-2011...
2012-01-17 Dr. Stephen Hensonfix CHANGES entry
2012-01-05 Bodo MöllerUpdate for 0.9.8s.
2012-01-04 Dr. Stephen Hensonupdate for next version
2012-01-04 Dr. Stephen Hensonprepare for release OpenSSL_1_0_0f
2012-01-04 Dr. Stephen HensonSubmitted by: Robin Seggelmann <seggelmann@fh-muenster...
2012-01-04 Dr. Stephen HensonClear bytes used for block padding of SSL 3.0 records...
2012-01-04 Dr. Stephen HensonOnly allow one SGC handshake restart for SSL/TLS. ...
2012-01-04 Dr. Stephen HensonCheck GOST parameters are not NULL (CVE-2012-0027)
2012-01-04 Dr. Stephen HensonPrevent malformed RFC3779 data triggering an assertion...
2011-12-19 Dr. Stephen HensonPR: 2563
2011-12-02 Bodo MöllerResolve a stack set-up race condition (if the list...
2011-12-02 Bodo MöllerFix ecdsatest.c.
2011-12-02 Bodo MöllerFix BIO_f_buffer().
2011-10-19 Bodo MöllerBN_BLINDING multi-threading fix.
2011-10-13 Bodo MöllerIn ssl3_clear, preserve s3->init_extra along with s3...
2011-09-06 Dr. Stephen Hensonprepare for next version
2011-09-06 Dr. Stephen Hensonupdate versions and dates for release OpenSSL_1_0_0e
2011-09-06 Dr. Stephen HensonInitialise X509_STORE_CTX properly so CRLs with nextUpd...
2011-09-05 Bodo Möller(EC)DH memory handling fixes.
2011-09-05 Bodo MöllerFix memory leak on bad inputs.
2011-08-14 Dr. Stephen HensonRemove hard coded ecdsaWithSHA1 hack in ssl routines...
2011-06-15 Bodo MöllerComplete the version history (include information on...
2011-05-25 Dr. Stephen HensonFix the ECDSA timing attack mentioned in the paper at:
2011-02-08 Bodo MöllerSync with 0.9.8 branch.
2011-02-08 Bodo Möllerstart 1.0.0e-dev
2011-02-08 Bodo MöllerOCSP stapling fix (OpenSSL 0.9.8r/1.0.0d) OpenSSL_1_0_0d
2011-01-03 Dr. Stephen HensonFix escaping code for string printing. If *any* escapin...
2010-12-02 Dr. Stephen Hensonupdate for next release
2010-12-02 Dr. Stephen Hensonprepare for release OpenSSL_1_0_0c
2010-12-02 Dr. Stephen Hensonfix for CVE-2010-4180
2010-11-29 Dr. Stephen Hensonadd CVE to J-PAKE issue
2010-11-24 Ben LaurieDocument change.
2010-11-16 Dr. Stephen Hensonupdate for next version
2010-11-16 Dr. Stephen Hensonprepare for release OpenSSL_1_0_0b
2010-11-16 Dr. Stephen Hensonfix CVE-2010-3864
2010-10-10 Dr. Stephen HensonPR: 2314
2010-10-03 Dr. Stephen HensonAdd call to ENGINE_register_all_complete() to ENGINE_lo...
2010-08-26 Bodo MöllerECC library bugfixes.
2010-08-26 Bodo MöllerHarmonize with OpenSSL_0_9_8-stable version of CHANGES.
2010-07-24 Dr. Stephen HensonFix WIN32 build system to correctly link ENGINE DLLs...
2010-06-16 Dr. Stephen Hensonupdate for next version
2010-06-01 Dr. Stephen Hensonprepare for release OpenSSL_1_0_0a
2010-06-01 Dr. Stephen HensonFix CVE-2010-1633 and CVE-2010-0742.
2010-04-07 Dr. Stephen HensonAdd SHA2 algorithms to SSL_library_init(). Although...
2010-03-30 Dr. Stephen Hensonupdates for next release
2010-03-29 Dr. Stephen HensonPrepare for 1.0.0 release - finally ;-) OpenSSL_1_0_0
2010-03-25 Bodo MöllerFix for "Record of death" vulnerability CVE-2010-0740.
2010-03-03 Dr. Stephen HensonSubmitted by: Tomas Hoger <>
2010-02-26 Dr. Stephen Hensonoops, use correct date
2010-02-19 Bodo MöllerFix X509_STORE locking
2010-02-17 Dr. Stephen HensonAllow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT...
2010-02-17 Dr. Stephen HensonPR: 2100
2010-02-12 Dr. Stephen Hensonupdate references to new RI RFC
2010-02-07 Dr. Stephen HensonAdd missing function EVP_CIPHER_CTX_copy(). Current...
2010-01-27 Dr. Stephen Hensontypo
2010-01-26 Dr. Stephen Hensonadd CHANGES entry
2010-01-26 Dr. Stephen HensonTypo
2010-01-22 Dr. Stephen HensonTolerate PKCS#8 DSA format with negative private key.
2010-01-13 Dr. Stephen HensonFix version handling so it can cope with a major versio...
2010-01-13 Dr. Stephen HensonModify compression code so it avoids using ex_data...
2010-01-12 Dr. Stephen HensonPR: 2136
2010-01-06 Dr. Stephen HensonUpdates to conform with draft-ietf-tls-renegotiation...
2010-01-01 Dr. Stephen HensonCompression handling on session resume was badly broken...
2009-12-22 Bodo MöllerConstify crypto/cast.
2009-12-16 Dr. Stephen HensonNew option to enable/disable connection to unpatched...
2009-12-09 Dr. Stephen HensonAdd ctrls to clear options and mode.
2009-12-08 Dr. Stephen HensonSend no_renegotiation alert as required by spec.
2009-12-08 Dr. Stephen HensonAdd ctrl and macro so we can determine if peer support...
2009-12-08 Dr. Stephen HensonAdd support for magic cipher suite value (MCSV). Make...
2009-12-02 Dr. Stephen HensonPR: 2111
2009-11-26 Bodo MöllerMake CHANGES in the OpenSSL_1_0_0-stable branch consist...
2009-11-09 Dr. Stephen Hensonfix CHANGES
2009-11-09 Dr. Stephen HensonFirst cut of renegotiation extension. (port to 1.0...