Update CHANGES and NEWS for new release
[openssl.git] / ssl /
2018-11-09 Dr. Matthias St... Fix 'no-ecdh' build
2018-11-02 Matt CaswellProperly handle duplicated messages from the next epoch
2018-08-14 Matt CaswellUpdate copyright year
2018-07-03 Matt CaswellDon't create an invalid CertificateRequest
2018-06-25 Bernd EdlingerFix some more gcc-9 warnings [-Wstringop-truncation]
2018-05-12 Matt CaswellDon't memcpy the contents of an empty fragment
2018-05-02 Matt CaswellFix comment in ssl.h
2018-05-02 Matt CaswellFix SSL_get_shared_ciphers()
2018-04-27 Cristian Stoicafix warning unused-but-set-variable 'alg_k' (no-dh...
2018-04-27 Cristian Stoicafix warning unused-but-set-variable 'nostrict' (no...
2018-04-20 Matt CaswellFix the alert sent if no shared sig algs
2018-04-17 Matt CaswellIgnore the status_request extension in a resumption...
2018-03-27 Philippe AntoineAdds multiple checks to avoid buffer over reads
2018-03-27 Matt Caswellmake update
2018-03-27 Matt CaswellUpdate copyright year
2018-03-05 Bernd EdlingerMinor style fixup on recent commit
2018-02-22 Philippe AntoineChecks ec_points_format extension size
2018-02-21 Matt CaswellSanity check the ticket length before using key name/IV
2018-02-09 Bernd EdlingerSwap the check in ssl3_write_pending to avoid using
2018-01-30 Matt CaswellMake sure we check an incoming reneg ClientHello in...
2018-01-24 Jonathan ScaliseChanged OPENSSL_gmtime so macOS uses threadsafe gmtime_...
2018-01-24 J Mohan Rao ArisankalaCleanup ctxs if callback fail to retrieve session ticket
2018-01-09 Matt CaswellTolerate DTLS alerts with an incorrect version number
2017-12-11 Matt CaswellFix a switch statement fallthrough
2017-12-08 Rich SalzStandardize syntax around sizeof(foo)
2017-12-08 Richard LevitteRemove unicode characters from source
2017-12-07 Matt CaswellFix the buffer sizing in the fatalerrtest
2017-12-07 Matt CaswellFix initialisation in fatalerrtest
2017-12-06 Matt CaswellAdd a test for CVE-2017-3737
2017-12-06 Matt CaswellDon't allow read/write after fatal error
2017-11-14 Richard LevitteDon't use SSLv3_client_method internally with no-ssl3
2017-11-13 Andy PolyakovResolve warnings in VC-WIN32 build, which allows to...
2017-11-11 Richard Levittessltest.c: cb_ticket2 appears to not return a value...
2017-11-07 Bernd EdlingerFix error handling in heartbeat processing
2017-11-03 Kurt RoeckxFix no-ssl3-method build
2017-11-01 David BenjaminFix weak digest in TLS 1.2 with SNI.
2017-08-22 PauliUse casts for arguments to ctype functions.
2017-07-16 Bernd EdlingerBackport of 5b8fa43 and remove resolved TODO: see PR...
2017-06-21 Matt CaswellAdd documentation for the SSL_export_keying_material...
2017-06-01 Todd ShortFix ex_data memory leak
2017-06-01 Matt CaswellSend a protocol version alert
2017-05-26 Todd ShortFix inconsistent check of UNSAFE_LEGACY_RENEGOTIATION...
2017-05-25 Bernd EdlingerIgnore -rle and -comp when compiled with OPENSSL_NO_COMP.
2017-05-10 Matt CaswellCopy custom extension flags in a call to SSL_set_SSL_CTX()
2017-04-11 Rich SalzAdditional check to handle BAD SSL_write retry
2017-03-23 Richard LevitteGuard last few debugging printfs in libssl
2017-03-21 Matt CaswellFix BAD CCS alert in DTLS
2017-03-21 Matt CaswellAvoid a mem leak on error
2017-03-13 Matt CaswellFix DTLSv1_listen() sequence numbers
2017-03-11 Richard LevitteRevert "Use the callbacks from the SSL object instead...
2017-03-10 PauliUse the callbacks from the SSL object instead of the...
2017-03-10 Bernd EdlingerAvoid questionable use of the value of a pointer
2017-03-08 Roberto GuimaraesPrevent undefined behavior in memcpy call.
2017-02-24 Bernd EdlingerRestore the test coverage of COMP_rle and SSL_COMP_add_...
2017-02-22 Bernd EdlingerAdd some more consistency checks in tls_decrypt_ticket.
2017-02-15 Bernd EdlingerFix some realloc error handling issues.
2017-02-14 Yuchimem leak on error path and error propagation fix
2017-02-13 David BenjaminDon't read uninitialised data for short session IDs.
2017-02-09 Bernd EdlingerFix issue #2113:
2017-02-09 Bernd EdlingerFix the crash due to inconsistent enc_write_ctx
2017-02-08 Todd ShortFix session ticket and SNI
2017-02-06 Bernd EdlingerCombined patch for the more or less obvious issues
2017-01-26 Dr. Stephen HensonUse correct signature algorithm list when sending or...
2017-01-26 Richard LevitteBetter check of DH parameters in TLS data
2017-01-24 Bernd EdlingerFix a ssl session leak due to OOM in lh_SSL_SESSION_insert
2017-01-23 Matt CaswellFix SSL_VERIFY_CLIENT_ONCE
2017-01-10 Bernd EdlingerFix error handling in SSL_CTX_new
2016-12-14 russorzero pad DHE public key in ServerKeyExchange message...
2016-12-14 Richard LevitteFix ssl_cert_dup: change one 'return NULL' to 'goto...
2016-12-14 Richard LevitteMake 'err' lable in ssl_cert_dup unconditional
2016-12-13 Benjamin KadukFix a bug in clienthello processing
2016-11-29 Matt CaswellRevert "Fix heartbeat_test"
2016-11-21 Kurt RoeckxMake SSL_read and SSL_write return the old behaviour...
2016-11-13 Matthias KraftSolution proposal for issue #1647.
2016-11-02 Matt CaswellFail if an unrecognised record type is received
2016-11-02 Matt CaswellFix heartbeat_test
2016-10-28 Matt CaswellImplement length checks as a macro
2016-10-28 Matt CaswellEnsure we have length checks for all extensions
2016-10-28 Matt CaswellFix length check writing status request extension
2016-10-28 Matt CaswellA zero return from BIO_read/BIO_write() could be retryable
2016-10-14 Vitezslav CizekDegrade 3DES to MEDIUM in SSL2
2016-10-11 Kurt CancemiAdd missing error string for SSL_R_TOO_MANY_WARN_ALERTS
2016-09-22 Dirk FeytonsFix build with no-nextprotoneg
2016-09-22 Dmitry BelyavskyAvoid KCI attack for GOST
2016-09-22 Matt CaswellFix a mem leak in NPN handling
2016-09-22 Matt CaswellFix OCSP Status Request extension unbounded memory...
2016-09-21 Matt CaswellDon't allow too many consecutive warning alerts
2016-09-21 Dr. Stephen HensonMake message buffer slightly larger than message.
2016-09-21 Dr. Stephen HensonUse SSL3_HM_HEADER_LENGTH instead of 4.
2016-09-21 Dr. Stephen HensonRemove unnecessary check.
2016-09-21 Dr. Stephen HensonFix small OOB reads.
2016-09-15 Matt CaswellRevert "Abort on unrecognised warning alerts"
2016-09-15 Dr. Stephen HensonFix memory leak on realloc error.
2016-09-15 Dr. Stephen HensonFix memory leak on error.
2016-09-13 Matt CaswellAbort on unrecognised warning alerts
2016-08-30 Matt CaswellEnsure the CertStatus message adds a DTLS message heade...
2016-08-26 David WoodhouseAdd basic test for Cisco DTLS1_BAD_VER and record repla...
2016-08-26 David WoodhouseFix ubsan 'left shift of negative value -1' error in...
2016-08-26 David WoodhouseFix SSL_export_keying_material() for DTLS1_BAD_VER
2016-08-26 Matt CaswellFix the no-tls1 option