correct NEWS
[openssl.git] / ssl /
2012-03-31 Dr. Stephen HensonPR: 2778(part)
2012-03-12 Dr. Stephen Hensonfix error code
2012-03-12 Dr. Stephen Hensonmanually patch missing part of PR#2756
2012-03-09 Dr. Stephen HensonPR: 2756
2012-03-07 Dr. Stephen HensonPR: 2755
2012-03-06 Dr. Stephen Hensonrevert PR#2755: it breaks compilation
2012-03-06 Dr. Stephen HensonPR: 2755
2012-03-06 Dr. Stephen HensonPR: 2748
2012-02-16 Dr. Stephen HensonFix bug in CVE-2011-4619: check we have really received...
2012-01-18 Dr. Stephen HensonFix for DTLS DoS issue introduced by fix for CVE-2011...
2012-01-05 Bodo MöllerFix for builds without DTLS support.
2012-01-04 Dr. Stephen HensonSubmitted by: Robin Seggelmann <seggelmann@fh-muenster...
2012-01-04 Dr. Stephen HensonClear bytes used for block padding of SSL 3.0 records...
2012-01-04 Dr. Stephen HensonOnly allow one SGC handshake restart for SSL/TLS. ...
2012-01-04 Dr. Stephen HensonSubmitted by: Adam Langley <>
2011-12-26 Dr. Stephen HensonPR: 2326
2011-12-02 Bodo MöllerResolve a stack set-up race condition (if the list...
2011-10-27 Dr. Stephen HensonPR: 2628
2011-10-19 Bodo MöllerOops: this change (
2011-10-13 Bodo MöllerIn ssl3_clear, preserve s3->init_extra along with s3...
2011-09-26 Dr. Stephen Hensonfix signed/unsigned warning
2011-09-23 Dr. Stephen HensonPR: 2602
2011-09-05 Bodo Möller(EC)DH memory handling fixes.
2011-09-01 Dr. Stephen HensonPR: 2573
2011-07-20 Dr. Stephen HensonPR: 2555
2011-07-20 Dr. Stephen HensonPR: 2550
2011-06-22 Dr. Stephen HensonPR: 2543
2011-05-25 Dr. Stephen HensonPR: 2529
2011-05-25 Dr. Stephen HensonOops use up to date patch for PR#2506
2011-05-25 Dr. Stephen HensonPR: 2506
2011-05-25 Dr. Stephen HensonPR: 2505
2011-05-19 Dr. Stephen Hensonset encodedPoint to NULL after freeing it
2011-04-03 Dr. Stephen HensonPR: 2462
2011-04-03 Dr. Stephen HensonPR: 2458
2011-04-03 Dr. Stephen HensonPR: 2457
2011-02-08 Bodo MöllerOCSP stapling fix (OpenSSL 0.9.8r/1.0.0d) OpenSSL_0_9_8r
2011-02-03 Bodo MöllerAssorted bugfixes:
2011-01-04 Dr. Stephen HensonSince DTLS 1.0 is based on TLS 1.1 we should never...
2010-12-02 Dr. Stephen Hensonfix for CVE-2010-4180
2010-11-16 Dr. Stephen Hensonfix CVE-2010-3864
2010-10-10 Dr. Stephen HensonPR: 2314
2010-06-12 Ben LaurieFix gcc 4.6 warnings. Check TLS server hello extension...
2010-05-03 Dr. Stephen HensonPR: 2230
2010-04-14 Dr. Stephen HensonPR: 2230
2010-04-14 Dr. Stephen Hensonfix signed/unsigned comparison warnings
2010-04-14 Dr. Stephen HensonPR: 2230
2010-04-14 Dr. Stephen HensonPR: 2229
2010-04-14 Dr. Stephen HensonPR: 2228
2010-04-13 Richard LevitteThird argument to dtls1_buffer_record is by reference
2010-04-07 Dr. Stephen HensonAdd SHA2 algorithms to SSL_library_init(). Although...
2010-04-06 Dr. Stephen HensonPR: 2218
2010-04-06 Dr. Stephen HensonPR: 2219
2010-04-06 Dr. Stephen HensonPR: 2223
2010-03-30 Dr. Stephen Hensonmake no-comp compile again
2010-03-24 Dr. Stephen HensonPR: 1731 and maybe 2197
2010-03-24 Dr. Stephen HensonSubmitted by: Bodo Moeller and Adam Langley (Google).
2010-03-03 Dr. Stephen HensonSubmitted by: Tomas Hoger <>
2010-02-22 Richard LevitteAdd t1_reneg to the VMS build.
2010-02-17 Dr. Stephen HensonOR default SSL_OP_LEGACY_SERVER_CONNECT so existing...
2010-02-17 Dr. Stephen HensonAllow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT...
2010-02-16 Dr. Stephen HensonPR: 2171
2010-02-01 Dr. Stephen HensonPR: 2160
2010-02-01 Dr. Stephen HensonPR: 2159
2010-01-26 Dr. Stephen HensonPR: 1949
2010-01-26 Dr. Stephen HensonFix VC++ warning (change had already been made to other...
2010-01-24 Dr. Stephen Hensonoops revert test code from previous commit
2010-01-24 Dr. Stephen HensonThe fix for PR#1949 unfortunately broke cases where...
2010-01-22 Dr. Stephen HensonIf legacy renegotiation is not permitted then send...
2010-01-20 Dr. Stephen Hensonmake update
2010-01-19 Dr. Stephen HensonPR: 2144
2010-01-16 Dr. Stephen HensonPR: 2144
2010-01-16 Dr. Stephen HensonPR: 2133
2010-01-16 Dr. Stephen HensonAdd strings for DTLS protocol versions
2010-01-13 Dr. Stephen HensonFix version handling so it can cope with a major versio...
2010-01-07 Dr. Stephen HensonSimplify RI+SCSV logic:
2010-01-06 Dr. Stephen Hensoncorrect error codes
2010-01-06 Dr. Stephen HensonUpdates to conform with draft-ietf-tls-renegotiation...
2009-12-27 Dr. Stephen HensonUpdate RI to match latest spec.
2009-12-17 Dr. Stephen HensonAlert to use is now defined in spec: update code
2009-12-16 Dr. Stephen HensonNew option to enable/disable connection to unpatched...
2009-12-14 Dr. Stephen Hensonadd another missed case
2009-12-14 Dr. Stephen Hensonsimplify RI error code and catch extra error case ignor...
2009-12-14 Dr. Stephen HensonAllow initial connection (but no renegoriation) to...
2009-12-12 Ben LaurieMissing newline.
2009-12-11 Dr. Stephen HensonMove SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION out of...
2009-12-09 Dr. Stephen HensonDocument option clearning functions.
2009-12-09 Dr. Stephen HensonAdd ctrls to clear options and mode.
2009-12-08 Dr. Stephen HensonSend no_renegotiation alert as required by spec.
2009-12-08 Dr. Stephen HensonAdd ctrl and macro so we can determine if peer support...
2009-12-08 Dr. Stephen HensonAdd support for magic cipher suite value (MCSV). Make...
2009-12-01 Dr. Stephen HensonPR: 2115
2009-11-18 Dr. Stephen HensonServers can't end up talking SSLv2 with legacy renegoti...
2009-11-18 Dr. Stephen HensonDon't use SSLv2 compatible client hello if we don't...
2009-11-18 Dr. Stephen HensonInclude a more meaningful error message when rejecting...
2009-11-09 Dr. Stephen HensonFix wrong function codes and duplicate codes
2009-11-08 Dr. Stephen Hensonuse OPENSSL_assert() and not assert()
2009-11-08 Ben LaurieFirst cut of renegotiation extension.
2009-11-08 Dr. Stephen HensonRe-revert (re-insert?) temporary change that made reneg...
2009-11-08 Ben LaurieRevert renegotiation-breaking change.
2009-11-05 Ben LaurieDisable renegotiation.